[RESOLVED] magic quotes ok but not 's

v3nt

in my phpinfo all the magic quotes are off;
http://64.13.231.133/phpinfo.php

but i can use " in entries but not '

I'm pretty confused over this! What do i need to be changing in my php.ini?

many thanks.

Dan.

v3nt

ok, php.ini setting needs to be this;
magic_quotes_gpc On
magic_quotes_runtime Off
magic_quotes_sybase Off

Piranha

Magic quotes should always be off. It was a way to make it easier to handle at least databases, but since different databases demands different handling it is much better to use the functions for the database you use.

bradgrafelman

Not to mention the fact that magic_quotes escapes data at the wrong time.

You should only escape data when you want to insert it into the DB. At that time, you can most likely use a function specifically designed for that database ([man]mysql_real_escape_string/man for MySQL servers, as an example). Otherwise, for displaying purposes and code evaluation, there is no reason why you would want to escape quotes.

Not only do most experienced programmers highly recommend NOT using magic_quotes, but even the developers realize it was a mistake; magic_quotes has been removed in PHP6.