Although magic_quotes are turned off still escaped strings?

两盒软妹~` 提交于 2019-12-23 09:48:07

问题


I disabled magic_quotes in my php.ini.

But I still get escaped strings in my form.

Note: I'm running this in a theme in Wordpress.


回答1:


I actually already figured this out, just want to leave my solution here in case other people might find it useful:

Wordpress automatically escapes all request variables. If magic quotes are turned off, they strip the slashes first, but add them again afterwards.

wp-settings.php code piece:

// If already slashed, strip.
if ( get_magic_quotes_gpc() ) {
$_GET = stripslashes_deep($_GET );
$_POST = stripslashes_deep($_POST );
$_COOKIE = stripslashes_deep($_COOKIE);
}


// Escape with wpdb.
$_GET = add_magic_quotes($_GET );
$_POST = add_magic_quotes($_POST );
$_COOKIE = add_magic_quotes($_COOKIE);
$_SERVER = add_magic_quotes($_SERVER);

Source: http://www.wptextads.com/blog/2007/05/19/gpc-magic-quotes-in-wordpress-is-compulsory/



来源:https://stackoverflow.com/questions/3812128/although-magic-quotes-are-turned-off-still-escaped-strings

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!