Implement magic_quotes_gpc on PHP 5.4 later version for legacy code
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
src
CHANGELOG.md
LICENSE
README.md
composer.json

README.md

PHP Magic Quotes Implementation

Implement magic_quotes_gpc on PHP 5.4 later version for legacy code

Latest Stable Version Latest Unstable Version License

If you are migrating legacy source code to the enviorment with PHP version 5.4 above, but including lots of vulnerable DB query codes depending on Magic Quotes magic_quotes_gpc SQL protection. Just use this to run smoothly on new version PHP like old time.

As PHP's Warning for Magic Quotes:

Magic Quotes feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.


DEMONSTRATION

print_r($_GET);
MagicQuotesGpc::init();
print_r($_GET);

After visiting URL with query ?username=1' OR '1'='1, and the output will be:

Array ( [username] => 1' OR '1'='1 ) 
Array ( [username] => 1\' OR \'1\'=\'1 )

Recursive Input Data Concern

The recursive data input from $_POST, $_COOKIE even $_GET will be handled also:

$_POST['users'][0] = ['username'=>"1' OR '1'='1"];
print_r($_POST);
MagicQuotesGpc::init();
print_r($_POST);

After simulating $_POST data assignment, the output will be:

Array ( [users] => Array ( [0] => Array ( [username] => 1' OR '1'='1 ) ) ) 
Array ( [users] => Array ( [0] => Array ( [username] => 1\' OR \'1\'=\'1 ) ) )

INSTALLATION

Install via Composer

Run Composer in your legacy project:

composer require yidas/magic-quotes

Then initialize it at the bootstrap of application such as config file:

require __DIR__ . '/vendor/autoload.php';
MagicQuotesGpc::init();

Install Directly by Loading Class

Load the MagicQuotesGpc.php and initialize it:

require __DIR__ . '/MagicQuotesGpc.php';
MagicQuotesGpc::init();