Magic Quotes
PHP Manual
PrevNext

Chapter 31. Magic Quotes

Table of Contents
What are Magic Quotes
Why use Magic Quotes
Why not to use Magic Quotes
Disabling Magic Quotes

Magic Quotes is a process that automagically escapes incoming data to the PHP script. It's preferred to code with magic quotes off and to instead escape the data at runtime, as needed.

What are Magic Quotes

When on, all ' (single-quote), " (double quote), \ (backslash) and NULL characters are escaped with a backslash automatically. This is identical to what addslashes() does.

There are three magic quote directives:

  • magic_quotes_gpc

    Affects HTTP Request data (GET, POST, and COOKIE). Cannot be set at runtime, and defaults to on in PHP.

    See also get_magic_quotes_gpc().

  • magic_quotes_runtime

    If enabled, most functions that return data from an external source, including databases and text files, will have quotes escaped with a backslash. Can be set at runtime, and defaults to off in PHP.

    See also set_magic_quotes_runtime() and get_magic_quotes_runtime().

  • magic_quotes_sybase

    If enabled, a single-quote is escaped with a single-quote instead of a backslash. If on, it completely overrides magic_quotes_gpc. Having both directives enabled means only single quotes are escaped as ''. Double quotes, backslashes and NULL's will remain untouched and unescaped.

    See also ini_get() for retrieving its value.

PrevHomeNext
User Submitted DataUpWhy use Magic Quotes
Links

Hosting Companies


Partners


Quick Search
Platform

Price

Diskspace

Bandwidth


 Advance Search
 Show All Companies


Reference & Manual

If you are looking for dedicated servers, look no further. HostPulse.com is a site devoted to help web users find cheap web hosting and dedicated servers.
Free Sitemap Generator Host Login/Register | Contact Us | Terms | Add Links
Thumbnails by Thumbshots.org © 2002-2008 CheapHostDir.com
  Home   Share Hosting   News   Articles   Reference & Manual   Discount Zone   Resources