Jump to content

Turn off Magic Quotes


Mordax Praetorian

Recommended Posts

Is there any way to turn off that ridiculously annoying Magic Quotes thing from within the code?

 

It is neither apropriate to have /"s in my text and nor it is apropriate to remove all of the slashes from it, and I honestly don't think the quotes are anywhere where they're causing a problem

 

What IS the purpose of Magic Quotes anyway?

Link to comment
Share on other sites

That sounds about right, they don't allow php to upload files either (this whole exercise is a way around that)

 

Unfortunatly, I know there will be times when I need /s to appear in the text

 

I think at the moment my best option is to use str_replace() to change /' and /" to " and ', however thats just asking for either I or one of my staff members to need to put one of those 2 character combinations in a page

Link to comment
Share on other sites

if you sanitize the insert of code from the beging you shouldnt get any problams........

 

 

Sets the magic_quotes state for GPC (Get/Post/Cookie) operations. When magic_quotes are on, all ' (single-quote), " (double quote), \ (backslash) and NUL's are escaped with a backslash automatically.

Link to comment
Share on other sites

There is no database, the quotes go from a form, to the php, and are then saved to a html file

 

I don't have any sort of database at all, which is also really irritating, but I've managed to work around it so far

 

I'll go with the str_replace() solution for now, if anyone needs to use /' or /" in their text they can complain at me and I'll add it manualy

Link to comment
Share on other sites

nah, when I change hosts it'll be to a payed one, and only then if the site actualy gets off the ground

 

the problem with free hosts is that they aren't dependable, I've been on a good many in the past, and I've had ones that post offensive ads on your site, ones that distort your site with ads and don't offer any solution, ones that actualy go in and play with your code

 

There was even one I was on which ran out of badwidth half way through a month, and no, I don't mean I ran out of bandwidth, I mean the web hosting service ran out of bandwidth

 

Right now, I have a part of a payed hosting account that I got free as a gift, and although its far from perfect (which is why I'll change if the site works), its still far better than anywhere else I've been

 

I don't really need a database for the sort of thing I'm using php for, the quote thing is somewhat workable, and I know the server has reliable uptime and gives me reliable access to my files, given all of that and the fact that I'm only a few days away from absolutly needing to launch the site, I think I'm better off staying where I am now

Link to comment
Share on other sites

Here is the 411 on magic quotes (all information taken from the php manual.)

 

When magic_quotes_gpc is on, it causes get/post/cookie data to be escaped, even if you don't want or need the data to be escaped (never mind that for database input you need to remove the escapes put there by magic quotes and use mysql_real_escape_string() to escape all the special characters that can break a query.)

 

magic_quotes_gpc cannot be set in the script. It can only be set in php.ini, httpd.conf (assuming you have access to httpd.conf but not php.ini), a .htaccess file (when php is running as an Apache module), or a local php.ini (when available and when php is running as a CGI wrapper.)

 

When magic_quotes_runtime is on, data you read from a file or a database is escaped. So if you removed the escapes from get/post data and wrote it to a file and you still have the escapes when you read and display the file contents, it is likely due to magic_quotes_runtime.

 

magic_quotes_runtime can be set in the script (or any of the places already mentioned for magic_quotes_gpc.)

 

All of the magic quotes have been eliminated in php6, so code that is testing for them being on and removing the escapes using a stripslashs() or similar function will still work, but there will be no escapes present in the data to remove.

 

Code that is dependent on magic quotes being on to escape data that is inserted into a database, will suddenly stop working in php6 when there are special characters in the data, because the queries will be broken and generate a syntax error.

 

Magic quotes were yet another lazy way short cut of getting the programming language to do something that the programmer should have been doing and only when he wanted it to be done, that has caused more wasted time and code to detect and work around then they were worth. Good riddance.

Link to comment
Share on other sites

This actualy sounds rather tempting

 

whats the catch?

 

A link back to my own site. (awpti.org)

 

I'll be shifting everything off to a fully dedicated server in a few months, but that'll be an invisible process.

Link to comment
Share on other sites

PM me and I'll get everything setup on my end for you.

 

Just send me the domain name and a username you want to use for FTP. I'll setup a password for you and send it off to you (you'll be able to change it).

 

After that, it'll just be a question of switching DNS on your site (I'll probably have you point it @ ns1.geeklan.com and ns2.geeklan.com

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.