我试图在 PHP 中关闭魔术引号,但无法将其禁用 - 我在 /usr/local/lib/php.ini 中设置了以下内容并重新启动了 Apache,但它没有任何区别。
; Magic quotes
; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = Off
; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off
; Use Sybase-style magic quotes (escape ' with '' instead of \').
magic_quotes_sybase = Off
phpinfo 确认这些都设置为关闭。
magic_quotes_gpc Off Off
magic_quotes_runtime Off Off
magic_quotes_sybase Off Off
然后我尝试添加
php_flag magic_quotes_gpc off
到 htaccess ,但这给出了 500 Internal Server 错误 - 在 error_log 中查看没有添加任何内容来告诉我为什么会发生这种情况。
服务器使用 CPanel/WHM 运行 Centos 5.8 64 位,前端是 Wordpress,后台有自定义 PHP 应用程序。PHP 版本为 5.3.18,加载的配置文件为 /usr/local/lib/php.ini
我认为它不起作用的原因是以下消息是从 MySQL 中提取的,它在添加到数据库之前应用了 mysql_real_escape_string、addslashes 和 htmlspecialchars。
原来的消息是:
This is a "how to" question. I don't think it is covered in the notes - sorry if I've missed it.
它被添加到 MySQL 中:
This is a "how to" question. I don\'t think it is covered in the notes - sorry if I\'ve missed it.
当它显示在屏幕上时,它显示为:
This is a \\"how to\\" question. I don\\\'t think it is covered in the notes - sorry if I\\\'ve missed it.
当然后将 stripslashes 应用于此时,它变为:
This is a \"how to\" question. I don\'t think it is covered in the notes - sorry if I\'ve missed it.
我做错了什么或者我还能尝试什么?