How Can I Disable Magic Quotes GPC in a Shared Hosting Environment Without php.ini Access?

Disabling Magic Quotes in Shared Hosting Environments without Direct PHP.ini Access

Many shared hosting providers disable the ability to modify the php.ini file, which can prevent users from disabling Magic Quotes GPC. This setting automatically escapes characters in user-submitted data, causing issues with processing data.

To disable Magic Quotes GPC without access to php.ini, consider the following solutions:

Custom php.ini

Some shared hosting environments allow users to create a custom php.ini file. For instance, in suexec/FastCGI setups, a per-webspace php.ini may be available. By adding the line "magic_quotes_gpc = Off" to this custom php.ini file, you can override the default setting.

.htaccess File

If a custom php.ini is not an option, you can try adding the following code to your .htaccess file:

AddType x-mapp-php5 .php
php_flag magic_quotes_gpc 0

Note that the value should be "0" for "off", not "O" for "uppercase letter o."

Ini_set() Function

While ini_set() cannot directly change the value of magic_quotes_gpc (it is a PHP_INI_PERDIR setting), you can use it in a workaround:

if ( in_array( strtolower( ini_get( 'magic_quotes_gpc' ) ), array( '1', 'on' ) ) )
{
    $_POST = array_map( 'stripslashes', $_POST );
    $_GET = array_map( 'stripslashes', $_GET );
    $_COOKIE = array_map( 'stripslashes', $_COOKIE );
}

This script checks if Magic Quotes GPC is enabled and reverses its effects by removing slashes from the $_POST, $_GET, and $_COOKIE arrays.

The above is the detailed content of How Can I Disable Magic Quotes GPC in a Shared Hosting Environment Without php.ini Access?. For more information, please follow other related articles on the PHP Chinese website!