Add the functions you want to /etc/cl.selector/php.conf
So for your magic_quotes_gpc, you could add the following code:
Code:
Directive = magic_quotes_gpc
Default = Off
Type = bool
Remark = <5.4.0
Comment = Magic Quotes is a process that automagically escapes incoming data to the PHP script. It's preferred to code with magic quotes off and to instead escape the data at runtime, as needed.
Note that the Remark field ¡s set to
less than 5.4.0 because this feature was
DEPRECATED as of PHP 5.3.0 and
REMOVED as of PHP 5.4.0.
(I actually thought this function was already included as standard in the Cloudlinux PHP Selector codebase - I don't remember adding it to my code and it is clearly there for PHP versions 5.3 and under. Perhaps you are looking at a more modern PHP version that will not display the option ? )
See the
Custom PHP.ini options page of the Cloudlinux documentation for full details
Before you offer this option to your users, you may want to read the full notes at
PHP: Magic Quotes - Manual
Magic quotes are not for security. They never have been. It's a convenience thing -- they exist so a PHP noob can fumble along and eventually write some mysql queries that kinda work, without having to learn about escaping/quoting data properly. They prevent a few accidental syntax errors, as is their job. But they won't stop a malicious and semi-knowledgeable attacker from trashing the PHP noob's database. And that poor noob may never even know how or why his database is now gone, because magic quotes (or his spiffy "i'm gonna escape everything" function) gave him a false sense of security. He never had to learn how to really handle untrusted input.
