I have vBulletin4 and i have these two errors on my php error log file :
php PHP Deprecated: Directive 'magic_quotes_gpc' is deprecated in PHP 5.3 and greater in Unknown on line 0
```php
PHP Warning: Directive ‘register_long_arrays’ is deprecated in PHP 5.3 and greater in Unknown on line 0
```
I’ve googled about these errors, and i found the solution about the first one ('magic_quotes_gpc), they say to disable in the php.ini , but is this a security risk ?
Truthfully one should develop without relying on Magic Quotes - it should be up to a developer to escape input when it needs to be escaped, not the other way around.
There are loads of tutorials out there about how to grow out of magic_quotes. VBulletin grew out of magic quotes a long time ago, so as long as you check over your own code* on the same server, it should be fine to disable them.
Register Long Arrays… that thing is there to essentially allow legacy code to work. Scripts which use $HTTP_POST_VARS instead of $_POST etc. There is no need for it unless you have ancient scripts or learnt from ancient tutorials.
*Essentially magic quotes will put backslashes before quotes on all user input data. This was done so that a user could just throw data into a database query without needing to worry about SQL injections. It was later shown that there were ways for people to get around that if they really wanted to.
If you escape your data before putting it blindly into a mysql_query function - or even better, use a library like PDO - you should be fine. Otherwise, you will need to check out the mysql_real_escape_string function and implement it on your own code before disabling magic quotes.
