Enabling and disabling the PHP magic quotes directive

This article describes how to enable and disable the magic quotes directive in a custom php.ini file.

🚧

Important

The information in this article only applies to certain types of hosting accounts. To determine whether or not the information below applies to your account, please see this article.

📘

Note

This article assumes that you have already set up a custom php.ini file on your web site. If you have not already set up a custom php.ini file, please read this article first.

🚧

Important

This article only applies to PHP 5.3 and earlier versions. The magic quotes directive was removed in PHP 5.4.

Using PHP magic quotes directive

When the magic quotes directive is enabled, PHP automatically escapes data from HTTP GET and POST requests and cookie data. For example, if a user types "hello" (with the quotation marks) in a form, PHP automatically escapes the quotation marks and stores the value as "hello". To enable this functionality, use a text editor to modify the magic_quotes_gpc directive in the php.ini file as follows:

magic_quotes_gpc = on

To disable this functionality, modify the magic_quotes_gpc directive in the php.ini file as follows:

magic_quotes_gpc = off

👍

Tip

To verify the current value of the magic quotes directive and other directives, you can use the phpinfo() function. For more information, please see this article.

More Information

• To view a complete list of php.ini directives, please visit http://www.php.net/manual/en/ini.list.php.

• For more information about the magic quotes directive, please visit http://www.php.net/manual/en/info.configuration.php#ini.magic-quotes-gpc.

Related Articles

• Custom php.ini files

• Using php.ini directives