/    Sign up×
Community /Pin to ProfileBookmark

Magic Quotes – can they be killed without touching php.ini?

Copy linkTweet thisAlerts:
Oct 28.2004

I understand that to prevent Magic Quotes from running, I need to have the following settings in php.ini
magic_quotes_gpc = Off
magic_quotes_runtime = Off

howevah! ?

it may be a stupid question… but I couldn’t find a straight “yes/no” answer – can I do something in the script itself to avoid changing php.ini file? my host doesn’t allow me to touch it without “special request” and even then, I sense, they might tell me they wouldn’t do so for some security reasons.

I guess I have two questions then: 1) how changing the php.ini file to reflect =Off can affect the rest of the domain (given there are no databases running on it whatsoever) and 2) can I avoid touching php.ini and not to have magic_quotes feature at all, so I don’t get those stupid slashes?!

(I already put a request to the support guys to change php.ini, but I want to know anyway…)

Thanks, all
D.

to post a comment
PHP

6 Comments(s)

Copy linkTweet thisAlerts:
@Paul_JrOct 28.2004 — You could try [url=http://www.php.net/ini-set]ini_set()[/url].
[code=php]
<?php
if(get_magic_quotes_gpc()) {
ini_set('magic_quotes_gpc', 0);
}
?>
[/code]
Theoretically, that should work.
Copy linkTweet thisAlerts:
@DariaauthorOct 28.2004 — Nope, didn't work ? unless I put it in the wrong place. Do I just stick it into the file? (see below) or do I put it on the page where I have a form?

I have it like this with the fwrite file:

[code=php]
<?php
if(get_magic_quotes_gpc()) {
ini_set('magic_quotes_gpc', 0);
}
?>
<?php
$filename = '../includes/updates.php';
$content = $_POST['update'];

if (is_writable($filename)) {

if (!$handle = fopen($filename, 'w')) {
echo "Sorry, ($filename) cannot be open";
exit;
}

if (!fwrite($handle, $content)) {
echo "Sorry, cannot write to file ($filename)";
exit;
}

echo "<a href=../updates.php>view the updated file</a>
<br>
<hr height=1>
content has been updated as follows:
<hr height=1>$content";

fclose($handle);

} else {
echo "Sorry, the file $filename is not writable.";
}
?>
[/code]
Copy linkTweet thisAlerts:
@JonaOct 28.2004 — [font=trebuchet ms]Why check for it to be set? If it uses magic quotes, you know it's set already. Just unset it. There's no need for the "if" statement, is there?[/font]
Copy linkTweet thisAlerts:
@DariaauthorOct 28.2004 — [edited-deleted]
Copy linkTweet thisAlerts:
@DariaauthorOct 28.2004 — OK, i put

[code=php]<?php
if (get_magic_quotes_gpc()) {
function stripslashes_deep($value)
{
$value = is_array($value) ?
array_map('stripslashes_deep', $value) :
stripslashes($value);

return $value;
}

$_POST = array_map('stripslashes_deep', $_POST);
$_GET = array_map('stripslashes_deep', $_GET);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
}
?>
[/code]
instead of the other one and it works now. Thanks for the effort, people!
Copy linkTweet thisAlerts:
@JonaOct 28.2004 — [font=trebuchet ms]Whatever works, I suppose. Glad you got it figured out.[/font]
×

Success!

Help @Daria spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.14,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...