By scotfree on
OK, before anything else, yes I'm aware of the existing threads about quotes being inappropriately escaped. Unless I've missed something, the solutions consist of setting magic_quotes_gpc/runtime if possible, and some hacks to remove the escapes by hand if not.
I believe I have set these php variables using set_ini. I have verified this by adding a phpinfo to the footer, and the local value for all the magic_quotes variables is Off, as well as the fact that I don't get the warning message.
Nevertheless, I still get all my quotes escaped. I hate to ask about such an overdone topic, but it's pretty frustrating, and I'd like to avoid stripping them directly, that seems like an ugly hack. Any thoughts?
Comments
OK, fixed, but raises questions about the Drupal check, and PHP.
I fixed the immediate trouble, with a local php.ini...I thought that would only work with a server restart, but apparently not. I'm used to having full access on my own server, and don't know all the details about the setup where this is being hosted (1and1.com).
Nevertheless, I think this is still an interesting question. I verified my settings with phpinfo, and get_magic_quotes_gpc, and the drupal check. All showed the variables set to Off. And yet, it was still escaping my quotes. Is this something funny in PHP, where somehow the process being checked isn't actually the process that's parsing my post?
Anyhow, sorry to have asked the same question, but I thought (and think) that there's something really funny happening with the variables settings. If nothing else, this suggests that the drupal check may not always work as desired.
ini_set
You can change the value of magic_quotes_gpc at runtime, but it does not affect the GPC data anymore because it is processed before any PHP code is run.
Drupal CVS already contains a fix for this problem, see:
http://acko.net/dump/magic_quotes.patch
Stripping at runtime is the only solution if you cannot change the actual setting.