PHP 7.4 deprecated get_magic_quotes_gpc function alternative

by

You need to remove every mention of this function from your code and do not replace it with anything else.

get_magic_quotes_gpc() has been useless ever since PHP 5.4.0. It would tell you whether you have magic quotes switched on in the configuration or not. Magic quotes were a terrible idea and this feature was removed for security reasons (PHP developers believed in magic & superstitions and wrote unsecure code).

Most likely even you yourself do not know why you had this line of code in your project. I know I was fooled by it when I was learning PHP. The reality is you do not need it at all. This function has nothing to do with security and the concept of input sanitization is preposterous.

Instead, rely on good security guidelines.

  • Use parameterized prepared statements for interactions with the database. PHP has a very good library called PDO, which can be used with many DB drivers including MySQL.
  • If you produce output, then escape the output taking into consideration the rules of that medium. For example when outputting to HTML use htmlspecialchars() to prevent XSS.
  • Never sanitize input. There is no magical solution that would protect you against everything. Instead, you as a developer must be aware of dangers and you need to know how to protect your code. Don’t try to sanitize input. Escape output.

More Related Contents:

  1. Deprecated: mysql_connect() [duplicate]
  2. How to fix the session_register() deprecated issue?
  3. Why I am suddenly getting a “Typed property must not be accessed before initialization” error when introducing properties type hints?
  4. How to successfully rewrite old mysql-php code with deprecated mysql_* functions?
  5. Trying to access array offset on value of type bool in PHP 7.4
  6. How to use spl_autoload() instead of __autoload()
  7. PHP Error : Unparenthesized `a ? b : c ? d : e` is deprecated. Use either `(a ? b : c) ? d : e` or `a ? b : (c ? d : e)` [duplicate]
  8. Message: Trying to access array offset on value of type null [duplicate]
  9. Array and string offset access syntax with curly braces is deprecated [duplicate]
  10. How can I replace the deprecated set_magic_quotes_runtime in php?
  11. Trying to access array offset on value of type null
  12. Why is mime_content_type() deprecated in PHP?
  13. What is null coalescing assignment ??= operator in PHP 7.4
  14. Why does PHP 7.4 on Windows aborts all command line actions that require user input?
  15. What does PHP do with deprecated functions?
  16. Function ereg_replace() is deprecated – How to clear this bug? [duplicate]
  17. Fatal error: Allowed memory size of 268435456 bytes exhausted (tried to allocate 71 bytes)
  18. How do I access static member of a class?
  19. PHP exec() not returning error message in output
  20. How does pcntl_fork work in PHP?
  21. Verify valid date using PHP’s DateTime class
  22. How to eliminate php5 Strict standards errors?
  23. Parsing multipart form data
  24. Get/set DPI with PHP GD/Imagick?
  25. Run php function inside jQuery click
  26. How can I generate a round robin tournament in PHP and MySQL?
  27. Is there a way to change all keys in a flat indexed array to the same string (“Name”)? [closed]
  28. Search and replace multiple values with multiple/different values in PHP?
  29. MySQL Join Multiple Rows as Columns
  30. Debug a DOMDocument Object in PHP

Leave a Comment