Magic Quotes (y/n question)

Is magic quotes still a problem in php ?
(I tried to search about it, but I dont really find good answers, - I’m just learning php and read books (old) so i’m pretty noob :wink: )

  • Thanks

I would say very old
http://php.net/manual/en/security.magicquotes.php

This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.

Thanks!
Do you have any suggestion of new books then ? About PHP + SQL. Newb to mid level.

I haven’t looked at a PHP book for ages (4 years in tech time is ages). I use the online documentation.

And the last PHP book I read wasn’t really beginner level
PHP Master: Write Cutting-edge Code

But I can recommend this one
PHP & MySQL: Novice to Ninja

It goes through the steps to setting up a localhost environment (so you don’t need a live host)
and works through an example application

It doesn’t cover every aspect of what PHP or MySQL can do of course, but by the time you work through it you will be better able to use documentation to write code to go whatever path ou want to follow next.

A plus is that many here are experienced with the book so if you get stuck help is near.

hi buddy, thanks again !
It is exactly that book I just finished (Novice to Ninja). Great introduction, and relatively easy. But that book covers the magic quotes aspect, which I guess I should just forget today? Anyway, the book gives me a good knowledge to begin with this stuff. I think I will move on to your Write Cutting-edge Code suggestion then!

Was it an old edition? Magic Quotes was removed from PHP a long time ago so recent editions would have no reason to mention it.

. 5. edition. 2012. As the above link ref to. I think it is the newest edition? (that was my conclusion 3 days ago :slight_smile: )

A lot has changed in PHP in the last four years so if that is the latest edition then it really needs to be replaced sooner rather than later.

To be fair to @kevinyank, the book says:

In short, magic quotes was a bad idea, so much so that it’s scheduled to be removed from PHP in version 6. In the meantime, however, you have to deal with the problems it creates in your code. The easiest way to do this is to detect if magic quotes is enabled on your web server and, if so, to undo the modifications it has made to the submitted values.

which became 5.4 after 6 was cancelled

1 Like

Yes and no.

If you have a full control of the server you are writing your code for, you may forget magic_quotes at all.

If you are writing a code to share with everyone, then it won’t hurt if you add a compatibility pack that will clean the input data from magic_quotes.

Yes, you can always remove it in July 2014 once the last PHP version that supports magic quotes reaches its end of life.

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.