Mysterious Auto-Escaping of POST Data in WordPress
Despite disabling magic quotes through php.ini, PHP and WordPress continue to auto-escape POST data containing single quotes. This perplexing issue has left developers scratching their heads.
WordPress Origin of Auto-Escaping
The root cause of the auto-escaping lies within WordPress's bootstrapping process. When WordPress is initialized, it activates a code that automatically escapes certain characters in user input.
Solution to Auto-Escaping
To resolve this issue, it is recommended to override the global variables temporarily using the following code:
$_GET = array_map('stripslashes_deep', $_GET);
$_POST = array_map('stripslashes_deep', $_POST);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
$_SERVER = array_map('stripslashes_deep', $_SERVER);
$_REQUEST = array_map('stripslashes_deep', $_REQUEST);Alternatively, you can consider using a more targeted approach by "stripping locally" instead of overwriting the superglobals. For example:
$post = array_map('stripslashes_deep', $_POST);Additional Considerations
Overwriting superglobals can potentially impact other parts of your application. Therefore, carefully evaluate whether it is appropriate for your specific situation.
Further insights from @Alexandar O'Mara and @quickshiftin provide valuable perspectives on this topic.
The above is the detailed content of Why Does WordPress Auto-Escape POST Data Even After Disabling Magic Quotes?. For more information, please follow other related articles on the PHP Chinese website!
Which platform is better for virtual currency trading?
oicq
How to represent negative numbers in binary
How to delete a folder in linux
Linux find command usage
What is the difference between hardware firewall and software firewall
What is the function of Huawei nfc?
How to modify the text on the picture
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
