How to set the PHP magic quotes directive in an .htaccess file
This article describes how to enable and disable the magic quotes directive in an .htaccess file.
The information in this article only applies to certain types of hosting accounts. To determine whether or not the information below applies to your account, please see this article
This article assumes that you have already set up a custom .htaccess
file. If you have not already set up a custom .htaccess
file, please read this article
This article only applies to PHP 5.3 and earlier versions. The magic quotes directive was removed in PHP 5.4.
Using the magic quotes directive
When the magic quotes directive is enabled, PHP automatically escapes data from HTTP GET and POST requests and cookie data. For example, if a user types “hello” (with the quotation marks) in an HTML form, PHP automatically escapes the quotation marks and stores the value as \“hello\”.
To enable or disable the magic quotes feature, follow these steps:
- Log in to your account using SSH.
- Use a text editor to modify the .htaccess file as follows:
- To enable the magic quotes feature, add the following line:
php_flag magic_quotes_gpc On
To disable the magic quotes feature, add the following line:
php_flag magic_quotes_gpc Off
- Save the changes to the .htaccess file and exit the text editor.
- To verify that the new setting is active, create a PHP test file that contains the following code in the same directory where the .htaccess file is located:
<?php phpinfo(); ?>
- Load the test file in your web browser, and then search for the name of the directive. The Local Value column should display the new setting that you specified in the .htaccess file.