Er... seriously? magic_quotes_gpc defaults to on?

ritontor

Member
May 17, 2009
19
0
51
Are you absolutely kidding? magic_quotes_gpc hasn't been in use since, like, the 1920s. Who is the dribbling imbecile who decided that even today, in 2010, that it should *default* to on in cPanel?
 

JaredR.

Well-Known Member
Feb 25, 2010
1,834
23
143
Houston, TX
cPanel Access Level
Root Administrator
In older distributions of PHP, magic_quotes_gpc was actually recommended to be turned on. The thinking behind it is that, since it effectively shields poor programmers from themselves (according to PHP: Why did we use Magic Quotes - Manual), that disabling it once it has been enabled could open unknown security holes on the server.

The option is deprecated in PHP 5.3.0, and there is an internal case for it to be changed to "Off" by default in the php.ini file provided by cPanel.
 

garrettp

Well-Known Member
PartnerNOC
Jun 18, 2004
312
0
166
cPanel Access Level
DataCenter Provider
Are you absolutely kidding? magic_quotes_gpc hasn't been in use since, like, the 1920s. Who is the dribbling imbecile who decided that even today, in 2010, that it should *default* to on in cPanel?
Keeping magic_quotes_gpc enabled is much less of a problem than say if register_globals was on by default. If anything it allows portability between cPanel servers still running older versions of PHP (e.g. PHP4).