What are the global PHP settings related to magic quotes and how can they affect form data transmission?

Magic quotes is a feature in PHP that automatically adds slashes to incoming form data, which can lead to double escaping and security vulnerabilities. To solve this issue, you should disable magic quotes in your PHP settings to ensure that form data is transmitted correctly without extra slashes.

// Disable magic quotes
if (get_magic_quotes_gpc()) {
    function stripslashes_deep($value) {
        $value = is_array($value) ?
                    array_map(&#039;stripslashes_deep&#039;, $value) :
                    stripslashes($value);

        return $value;
    }

    $_POST = array_map(&#039;stripslashes_deep&#039;, $_POST);
    $_GET = array_map(&#039;stripslashes_deep&#039;, $_GET);
    $_COOKIE = array_map(&#039;stripslashes_deep&#039;, $_COOKIE);
    $_REQUEST = array_map(&#039;stripslashes_deep&#039;, $_REQUEST);
}

Keywords

magic quotes PHP settings form data transmission global variables

What are the global PHP settings related to magic quotes and how can they affect form data transmission?

Keywords

Related Questions