Although magic_quotes are turned off still escaped strings? I actually already figured this out, just want to leave my solution here in case other people might find it useful:
WordPress automatically escapes all request variables. If magic quotes are turned off, they strip the slashes first, but add them again afterwards.
wp-settings.php code piece:
|
1 2 3 4 5 6 7 8 9 10 11 12 |
// If already slashed, strip. if ( get_magic_quotes_gpc() ) { $_GET = stripslashes_deep($_GET ); $_POST = stripslashes_deep($_POST ); $_COOKIE = stripslashes_deep($_COOKIE); } // Escape with wpdb. $_GET = add_magic_quotes($_GET ); $_POST = add_magic_quotes($_POST ); $_COOKIE = add_magic_quotes($_COOKIE); $_SERVER = add_magic_quotes($_SERVER); |
If you like this question & answer and want to contribute, then write your question & answer and email to freewebmentor[@]gmail.com. Your question and answer will appear on FreeWebMentor.com and help other developers.