Thanks for the replies, I got caught up in another project and
wasn't able to get back to this. The problem is that I've located a
couple of scripts that are already on the system and are acting up
and I believe it's due to magic quotes being on. Is there a way I
could turn magic quotes off on a file by file basis or even just
folders at a time to test things systematically before I turn things
off system wide?
Cheers,
Michael
k...@bitflop.com
February 10, 2011 5:40 PM
On Thu, 10 Feb 2011 14:52:26 -0500
"Bob McConnell" wrote:
It's a good idea to turn it off as soon as possible. However, you need
to test your site to make sure it won't broke something first.
You have to test not only your site, but also the data that possible
lies in the database, if any.
There is a way to undo the results of magic quotes. We have
implemented it on a number of sites so that we won't care when it
gets turned off. Early in the script we have the following code:
// If magic quotes is on, we want to remove slashes
if (get_magic_quotes_gpc()) {
// Magic quotes is on
$response = stripslashes($_GET[$key]);
}
Many people use this approach or something similar and when you use
that from the beginning of production, it's not a problem.
If however you are going to turn Magic Quotes off while running a
production system where it was previously turned on, you might run into
problems.
Don't trust this method blindly. You have to remember that stripslashes
will only remove a single slash. If, for some reason, data has been
pulled out, updated, and re-inserted it may contain several slashes
(because each time Magic Quotes will add a new slash).
If you are turning off Magic Quotes on a system that has been running
with Magic Quotes on, you have to inspect the data manually to be safe.
---
Kind regards
Kim N. Lesmer
Programmer/Unix systemadministrator
Web: www.bitflop.com
E-mail : k...@bitflop.com
Bob McConnell
February 10, 2011 2:52 PM
From: Michael Stroh
I'm maintaining various php scripts on a server that was originally
configured to have magic_quotes_gpc turned on. The installed php
version
is 5.2.6. I've read that magic_quotes_gpc is deprecated in 5.3 and
continuing to use it is "highly discouraged." I've ran into a few
fields
that I believe this is causing issues with so I'm considering turning
it
off but am wondering what steps should I take to make sure that
nothing
breaks and what should I look out for? Also, is it still a good idea
to
turn off since this installation isn't yet at 5.3?
It's a good idea to turn it off as soon as possible. However, you need
to test your site to make sure it won't broke something first.
There is a way to undo the results of magic quotes. We have implemented
it on a number of sites so that we won't care when it gets turned off.
Early in the script we have the following code:
// If magic quotes is on, we want to remove slashes
if (get_magic_quotes_gpc()) {
// Magic quotes is on
$response = stripslashes($_GET[$key]);
}
Bob McConnell
Michael Stroh
February 10, 2011 2:40 PM
I'm maintaining various php scripts on a server that was
originally configured to have magic_quotes_gpc turned on. The
installed php version is 5.2.6. I've read that magic_quotes_gpc
is deprecated in 5.3 and continuing to use it is "highly
discouraged." I've ran into a few fields that I believe this is
causing issues with so I'm considering turning it off but am
wondering what steps should I take to make sure that nothing
breaks and what should I look out for? Also, is it still a good
idea to turn off since this installation isn't yet at 5.3?
Cheers,
Michael
