Home/ Questions/Q 1099647
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-17T00:45:53+00:00

I disabled magic_quotes in my php.ini. But I still get escaped strings in my

  • 0

I disabled magic_quotes in my php.ini.

But I still get escaped strings in my form.

Note: I’m running this in a theme in WordPress.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I actually already figured this out, just want to leave my solution here in case other people might find it useful:

    WordPress automatically escapes all request variables. If magic quotes are turned off, they strip the slashes first, but add them again afterwards.

    wp-settings.php code piece:

    // If already slashed, strip.
if ( get_magic_quotes_gpc() ) {
$_GET = stripslashes_deep($_GET );
$_POST = stripslashes_deep($_POST );
$_COOKIE = stripslashes_deep($_COOKIE);
}


// Escape with wpdb.
$_GET = add_magic_quotes($_GET );
$_POST = add_magic_quotes($_POST );
$_COOKIE = add_magic_quotes($_COOKIE);
$_SERVER = add_magic_quotes($_SERVER);

    Source: http://www.wptextads.com/blog/2007/05/19/gpc-magic-quotes-in-wordpress-is-compulsory/

    • 0