WordPress.org

Ready to get started?Download WordPress

Forums

Magic quotes are disabling links and images in sidebar (5 posts)

  1. bkalb
    Member
    Posted 1 year ago #

    Hi everyone,

    I maintain my employer's website, which is WordPress-based. I should point out that while I'm no WordPress expert and I didn't build the site, I can tell just from my time with it so far that it's kind of a mess as far as how it was originally put together. Most of the time I can manage my way pretty well in HTML and CSS, but this particular issue is way out of my league and I'm hoping someone can point me in the right direction.

    We use the Enhanced Text Widget as a way to put linked images in a sidebar. Today I went to add a new linked image via this widget and when I clicked "save," it added backslashes (\) after each of the double quotes in the tag attributes for my image and links, preventing them from displaying on the reloaded page. In trying to fix it, I managed to do the same to the existing sidebar content, so now a number of important links have disappeared. This is definitely a new glitch, since adding content this way in the past worked just fine (though I'll admit that the previous most recent link predates my time here, so I don't know if it was done in a different way). I have read online that this is a common issue with PHP and WordPress, and I found a number of suggested code solutions that I was supposed to copy and paste into this or that file -- I've tried various theme files, the Enhanced Text PHP file itself, and anywhere else that made sense to me, and nothing has changed. The code I've tried is as follows:

    if ( get_magic_quotes_gpc() ) {
        $_POST      = array_map( 'stripslashes_deep', $_POST );
        $_GET       = array_map( 'stripslashes_deep', $_GET );
        $_COOKIE    = array_map( 'stripslashes_deep', $_COOKIE );
        $_REQUEST   = array_map( 'stripslashes_deep', $_REQUEST );
    }

    To make matters worse, I cannot seem to find an html file on my server that corresponds to this Enhanced Text widget content, even though I can readily identify it when I go to View Source in my browser. I'm assuming it's generated by the PHP script(s) and inserted into our homepage behind the scenes, but then, I have no real familiarity with how these technologies work together.

    Does anyone have a specific solution for this issue, or even a better suggestion for where to paste the above code example? If it would help to take a look at our site firsthand, it's at http://www.illinoisaap.org.

    Thanks in advance for your help!

  2. jholder83864
    Member
    Posted 1 year ago #

    Put in:

    if ( get_magic_quotes_gpc() ) {
         var_dump($_REQUEST);
         exit;
    }

    And post it here. Then go back to what it was. Also, Magic Quotes are deprecated in later PHP versions. Escaping is usually handled by a pdo driver, mysqli, or the wordpress escape function. So, this might be a problem for you in the future, or it could be what's causing this.

  3. bkalb
    Member
    Posted 1 year ago #

    Hi jholder,

    Thanks for the quick reply. Can you please specify where I should add the code you provided -- which file? And does it matter where in the hierarchy of the original code I place it?

    Thanks!

  4. jholder83864
    Member
    Posted 1 year ago #

    Put it in the code you tried.

    What we're doing, is we're gonna capture the input to the server, and see if the server is adding anything (ie escaping) the text.

    Your solution isn't that bad, actually. But we really need to know what the data looks like before we try to alter it.

  5. bkalb
    Member
    Posted 1 year ago #

    I think I understand. For additional context, this only seems to be happening via the Enhanced Text Widget -- other code on the site seems to be fine. But for example, I'll try to add something via this feature and enter the content as

    <a href="http://illinoisaap.org/about/help-support-icaap/"><img src="http://illinoisaap.org/wp-content/uploads/become_a_member.png" align="left"></a>

    and as soon as I click Save it gets turned into

    <a href=\"http://illinoisaap.org/about/help-support-icaap/\"><img src=\"http://illinoisaap.org/wp-content/uploads/become_a_member.png\" align=\"left\"></a>

    which, of course, breaks the links. I believe this is the escaping you referred to?

    Before I mucked everything up, the above link was working just fine on our homepage, but I clicked on it to take a look and then clicked Save, and it broke.

    Like I said , if I could find a corresponding HTML file on my server that actually held this content, I would just open it up and fix it in the code manually, but this segment of the page appears to be generated entirely by scripts.

    If there's additional code you'd like me to post, let me know, but since I'm doing this through the WordPress GUI (via the widgets page) I don't have a lot to go on.

    Thanks.

    [ No gentle or hardcore bumping please ;) ]

Topic Closed

This topic has been closed to new replies.

About this Topic