As I was following the tutorial on How To Create a Theme Options Page for Your WordPress Theme, from ForTheLose.org, I stumbled upon an irritating issue. I wanted to create an option where you can paste your Google Ad Sense code from the theme admin panel.
The problem is, as soon as I drop stuff like HTML code into the field, it automatically adds unwanted backslashes in front of double quotes. As I later figured out, this is actually a “feature” in PHP known as “Magic Quotes”.
What the heck are “Magic Quotes”
For those who know PHP, the language is designed to avoid conflicts in strings (mostly characters used in variables) through the use of escape sequences. Escape sequences are formed by providing a (“”) backslash in front of characters such as double quotes, to convert them into a literal string. The people who wrote PHP wanted this to be an automated process, so they decided that all text passed through online forms are automatically escaped with a backslash. This is known as Magic Quotes. Although their intentions were good, it has caused more problems than fixes. According to the PHP.net: Magic Quotes are deprecated as of version 5.3 and will not be part of future versions.
WordPress Fix
Although you can disable Magic Quotes in your server php.ini file, it won’t do me any good since I’m developing a theme to be released for public use. This means that users of my theme will have various server configurations and telling them to turn this feature off is simply not an option. Luckily, WordPress has adapted PHP.net’s function “stripslashes deep” – which disables Magic Quotes at runtime. All you need to do is paste the following code into your theme file and should take care of the issue:
The above code strips slashes when data arrives via $_POST, $_GET, $_COOKIE, and $_REQUEST methods. In my case, I’ve pasted this code inside my functions.php file which contain my theme options. This page alone will serve multiple textarea input fields which will allow special characters such as Google Analytics and AdSense code. Note that this can be used in any page with input fields such as a contact and RSVP forms.
Well just posting this expose to conduct that I seize your blog daily.
Nice. Worked for me. Thanks
Was having this problem with a wordpresss theme that had built in theme options for AdSense. Your bit of Code still works.
tanks spanky
Very useful. Just what I was looking for. You rock!
Where do I paste this in the functions file please? Pulling my hair out.
I’ve tried it before the post method, at the end very of the document and at the start.
Any advice much appreciated!
Thanks
you can paste anywhere in functions.php
Unfortunately by adding this piece of code at the end of functions.php I get internal server error 500.
Hi there Micheal, I’m having the same internal server error as Tim… I guess your method is the best out there, but I’d love to get it working! Any idea about where’s exactly the best place to add your piece of code? Thanks in advance, take care.
Worked like a charm. Thank you so much!
Thanks!!
The wordpress shopp plugin seems to have a problem including these rogue slashes in notification emails to customers. Your snippet cleared them up. Thanks!
Hi, I know this is an old post, but I’d just like to thank you for posting this up – I was pulling my hair out when this problem occured on my site (especially because magic quotes was off), but adding the above code solved the problem! Cheers!
Thank you so much for posting this!!
For anyone that is having problems, it is probably because `if ( get_magic_quotes_gpc() )` is evaluating to FALSE for some reason on certain servers, even though WordPress is turning magic_quotes on. It may work for you if you just leave out the if statement. But if you do that (like I had to), you will need to remove that code when WordPress eventually get’s this right and reforms their use of magic_quotes, or it will strip out slashes that are supposed to be their, like in links, etc.
Hope that helps somebody.
Been trying to disable magic quotes for nearly 3 days straight. Until I saw this comment, nothing had worked. Thanks!!
Thank you!.
I just had into my web server
under “get_magic_quotes_gpc” it should be on
when I install WordPress. but apparently off when I use WordPress.
now it works again without problem!
i ran this code to make it work
if ( get_magic_quotes_gpc() ) {
$_POST = array_map( ‘stripslashes_deep’, $_POST );
$_GET = array_map( ‘stripslashes_deep’, $_GET );
$_COOKIE = array_map( ‘stripslashes_deep’, $_COOKIE );
$_REQUEST = array_map( ‘stripslashes_deep’, $_REQUEST );
} else {
$_POST = array_map( ‘stripslashes_deep’, $_POST );
$_GET = array_map( ‘stripslashes_deep’, $_GET );
$_COOKIE = array_map( ‘stripslashes_deep’, $_COOKIE );
$_REQUEST = array_map( ‘stripslashes_deep’, $_REQUEST );
}
You might as well just do it without any conditional.
$_POST = array_map( ‘stripslashes_deep’, $_POST );
$_GET = array_map( ‘stripslashes_deep’, $_GET );
$_COOKIE = array_map( ‘stripslashes_deep’, $_COOKIE );
$_REQUEST = array_map( ‘stripslashes_deep’, $_REQUEST );
Thank You