Magic quotes is a module of php which was implemented in older versions of PHP. In latest versions, the module is depreciated. It is for the purpose of processing of escaping special characters with a ‘\’ to allow a string to be entered into a database.
There are three magic quote directives:
- magic_quotes_gpc :- Affects HTTP Request data (GET, POST, and COOKIE). Cannot be set at runtime, and defaults to on in PHP.
- magic_quotes_runtime :- If enabled, most functions that return data from an external source, including databases and text files, will have quotes escaped with a backslash. Can be set at runtime, and defaults to off in PHP.
- magic_quotes_sybase :- If enabled, a single-quote is escaped with a single-quote instead of a backslash. If on, it completely overrides magic_quotes_gpc. Having both directives enabled means only single quotes are escaped as ”. Double quotes, backslashes and NULL’s will remain untouched and unescaped.
Disabling the Magic Quotes :-
For disabling Magic quotes, we need to add the following to the php.ini file :-
; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = Off
; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off
; Use Sybase-style magic quotes (escape ‘ with ” instead of \’).
magic_quotes_sybase = Off
In case of shared hosting, we can make a custom php.ini in the home directory of the particular account. For example under the path :- /home/test/public_html/php.ini and provided the permissions of the user for the php.ini.
If you require help, contact SupportPRO Server Admin
