PHP Magic Quotes quick fix

My Magic_Quotes has always been on and only today I've seen it's becoming depriciated. If I have it off could I just escape all user input (whether it's being used in my database or not). I definitely can't go back and rewrite all my database queries to use mysql_real_escape_string().

Could I just loop through all my $_GET, $_POST and $_SESSION and apply mysql_real_escape_string() ?

Solution

mysql_real_escape_string and magic_quotes_gpc are two different things. Magic quotes does not render your input safe enough for SQL queries.

Whether you like it or not, you should convert all your database queries to use a proper escaping mechanism, or you otherwise leave your application open to security issues like SQL injection.

You can't really apply mysql_real_escape_string directly on $_GET, $_POST, etc. because it might mess up your input data if you need it for anything else than SQL (like form validation and such).

Build a string by repeating a character N times
Validate an array as "empty" if it has no elements or if all elements have no length
phpunit runs test twice - gets two answers. Why?
How can I make Laravel return a custom error for a JSON REST API
regex for checking URL's wildcard for both subdomain and top level domain?
Use Simple HTML Dom to parse HTML and generate an array of href values and plain text
Generate an array of href strings from all <a> tags in an HTML document using Simple HTML DOM Parser
Making POST application/json request with file_get_contents
Woocommerce add to cart button redirect to checkout
PHP form send email to multiple recipients
How to loop over json-encoded data?
Fill array with numbers adding up to a nominated total without exceeding item maximum
Iterate over all last-day-of-the-month dates in a year
Generate an associative 2d array with incremented column values using a flat array as first level keys
Debug a single PHP file with $_GET parameters in NetBeans/Eclipse/PHPstorm (AJAX API)
Put Values in Multidimensional Array keys
Laravel queued jobs processed immediately even with a delay
Error when calling function it self, VCS say="undefined function"
How to truncate number 3 decimals
PHP - How to get OAuth 2.0 Token
Consume API endpoint from Laravel + Inertia App
Generate real US street addresses for Selenium RC script
Hour difference between 2 DateTime objects in Decimal Format
Php update database if checkbox is not checked
Group data from lines of a log file by one column and create subarrays from another column
Use values of a flat array as the keys in every row of a 2d array
Redis keys are not expiring - Laravel, Predis
WooCommerce order status hook not triggering
Execute a function on each element of an array
Group a 2d array by year-month of a date column, add column of counts and create a subarray from a column of ids in each group