Magic Quotes OffIn PHP, Magic Quotes was a security feature that helped "fix" bad programming by adding backslashes to certain data retrieved from a database.


So HTML, such as... <p>Rich says "Hiya"!</p>
would be stored in a string as... <p>Rich says /"Hiya/"!<//p>

This was thought to help prevent SQL injections and as such is turned "on" by default.

However Magic Quotes are now generally considered an inconvenience: it slows down performance, not all code needs to be fixed, and there are more efficient methods of doing this.

 

As of PHP 5.4 the feature was removed and as of Joomla 3 it should be turned off.

Most hosts still have this turned on by default and if your website is on a shared hosting platform your host may not allow you to simply change the main PHP settings. However here is a simple 3 step method for turning the magic off.

 

1) Create a file called php5.ini (you can use a simple text editor for this) and place it in the main root folder of your website (as opposed to a sub-directory).

 

2) Add the following to your php5.ini file...

 

magic_quotes_gpc = Off
magic_quotes_runtime = Off
magic_quotes_sybase = Off
extension=pdo.so
extension=pdo_mysql.so

 

3) Open your .htaccess file and add the following to the very top of the file...

 

SetEnv PHPRC /home/your_path/public_html/php5.ini

Changing "your_path" to the hosting account name that your site uses.