I recommend you turn off magic quotes and escape characters using mysql_real_escape_string instead. If you server configuration allows it, you can disable magic quotes using an Apache .htaccess file.

Magic quotes is a feature intended to help prevent security breaches in scripts written by PHP beginners. Read the article Protect your script from hackers: Protect your script from hackers: SQL injection attack prevention to find out why you should turn magic quotes off.

If you don’t have access to the PHP configuration file, you can also disable magic quotes using an .htaccess file. You just have to add the following line:

php_flag magic_quotes_gpc Off

Tags: Apache, PHP

This entry was posted on Friday, January 15th, 2010 at 10:51 am and is filed under Web Development. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.