Why is POST Data Still Auto-Escaped in PHP/WordPress Even with Magic Quotes Disabled?

PHP/WordPress Auto-Escaping Despite Disabled "Magic Quotes"

Q: With magic quotes functionality disabled (via get_magic_quotes_gpc() returns 0), why does POST data continue to be auto-escaped in PHP/WordPress?

A: While magic quotes may be turned off, WordPress introduces its own mechanism for escaping POST data. This is due to a known issue as described in the WordPress bug tracker (http://core.trac.wordpress.org/ticket/18322).

To resolve this issue, you can utilize the stripslashes_deep() function, as suggested by the WordPress Codex (http://codex.wordpress.org/Function_Reference/stripslashes_deep):

<code class="php">$_GET = array_map('stripslashes_deep', $_GET);
$_POST = array_map('stripslashes_deep', $_POST);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
$_SERVER = array_map('stripslashes_deep', $_SERVER);
$_REQUEST = array_map('stripslashes_deep', $_REQUEST);</code>

Note: While this approach is effective in stripping slashes, it's recommended to consider alternative methods of "stripping locally" without overwriting the superglobals, as suggested by Alexandar O'Mara and quickshiftin.

The above is the detailed content of Why is POST Data Still Auto-Escaped in PHP/WordPress Even with Magic Quotes Disabled?. For more information, please follow other related articles on the PHP Chinese website!