Security Security Security

steev8ch · Sep 23, 2009

Apparently without php level 3, magic_quotes_gpc is not turned off. Please help, I don't need magic_quotes_gpc on and do want as much security as I can get. Thx

garrettroyce · Sep 23, 2009

You can override this with

Code:

ini_set('magic_quotes_gpc', 0)

xav0989 · Sep 23, 2009

Funny, as I don't think it is enabled on my account and I sure don't have magic_quotes_gpc (well I think)

steev8ch · Sep 24, 2009

garrettroyce said:
You can override this with

Code:

ini_set('magic_quotes_gpc', 0)

Garrett, good try, but which file and directory do you suggest implementing this command in?

I get either "Internal Server Error" or no effect.

BTW this is for a Zikula install. Thx

garrettroyce · Sep 24, 2009

Actually, try this instead. In the file in your public_html folder called .htaccess, add this line:

Code:

php_value magic_quotes_gpc 0

If the file does not exist, create it with this one line.

[EDIT]

It looks like this throws a server 500 error...Must not be allowed... I'll try to think of another good way
Edit:
After reading the php documentation on magic_quotes_gpc, it cannot be disabled at runtime. Sorry.

steev8ch · Sep 25, 2009

garrettroyce said:
Actually, try this instead. In the file in your public_html folder called .htaccess, add this line:

Code:

php_value magic_quotes_gpc 0

If the file does not exist, create it with this one line.

[EDIT]

It looks like this throws a server 500 error...Must not be allowed... I'll try to think of another good way
Edit:
After reading the php documentation on magic_quotes_gpc, it cannot be disabled at runtime. Sorry.

What is the proceedure for obtaining PHP v.3? I believe admin has Magic_quotes turned off by default at this level.

garrettroyce · Sep 25, 2009

V3 is traditionally not available for most users. It allows many privileges that could easily be abused by the owner of the account or even a user of the owner's webpage. Even so, PHP V3 is a X10 proprietary thing, and I don't believe that turning off magic_quotes is one of the advantages. There are ways of working around magic quotes, you may have to implement them. I agree with you that this should not be turned on and I will recommend it here: http://forums.x10hosting.com/news-announcements/99843-feature-requests-php.html

steev8ch · Sep 25, 2009

garrettroyce said:
V3 is traditionally not available for most users. It allows many privileges that could easily be abused by the owner of the account or even a user of the owner's webpage. Even so, PHP V3 is a X10 proprietary thing, and I don't believe that turning off magic_quotes is one of the advantages. There are ways of working around magic quotes, you may have to implement them. I agree with you that this should not be turned on and I will recommend it here: http://forums.x10hosting.com/news-announcements/99843-feature-requests-php.html

You are the one who helped me and I tried to up your rep again alas to no avail, the system desires i should spread some rep around. Thx again "The system is now The MaN."

garrettroyce · Sep 25, 2009

steev8ch said:
You are the one who helped me and I tried to up your rep again alas to no avail, the system desires i should spread some rep around. Thx again "The system is now The MaN."

Thank you for trying

Security Security Security

steev8ch

New Member

garrettroyce

Community Support

xav0989

Community Public Relation

steev8ch

New Member

garrettroyce

Community Support

steev8ch

New Member

garrettroyce

Community Support

steev8ch

New Member

garrettroyce

Community Support

Free Web Hosting

Our Community

Legal