2017 © Pedro Peláez
 

project magic-quotes

Implement magic_quotes_gpc on PHP 5.4 above version for legacy code

image

yidas/magic-quotes

Implement magic_quotes_gpc on PHP 5.4 above version for legacy code

  • Friday, June 8, 2018
  • by yidas
  • Repository
  • 1 Watchers
  • 1 Stars
  • 23 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 3 Versions
  • 0 % Grown

The README.md

PHP Magic Quotes Implementation

Implement magic_quotes_gpc on PHP 5.4 later version for legacy code, (*1)

Latest Stable Version Latest Unstable Version License, (*2)

If you are migrating legacy source code to the enviorment with PHP version 5.4 above, but including lots of vulnerable DB query codes depending on Magic Quotes magic_quotes_gpc SQL protection. Just use this to run smoothly on new version PHP like old time., (*3)

As PHP's Warning for Magic Quotes:, (*4)

Magic Quotes feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0., (*5)


DEMONSTRATION

print_r($_GET);
MagicQuotesGpc::init();
print_r($_GET);

After visiting URL with query ?username=1' OR '1'='1, and the output will be:, (*6)

Array ( [username] => 1' OR '1'='1 ) 
Array ( [username] => 1\' OR \'1\'=\'1 )

Recursive Input Data Concern

The recursive data input from $_POST, $_COOKIE even $_GET will be handled also:, (*7)

$_POST['users'][0] = ['username'=>"1' OR '1'='1"];
print_r($_POST);
MagicQuotesGpc::init();
print_r($_POST);

After simulating $_POST data assignment, the output will be:, (*8)

Array ( [users] => Array ( [0] => Array ( [username] => 1' OR '1'='1 ) ) ) 
Array ( [users] => Array ( [0] => Array ( [username] => 1\' OR \'1\'=\'1 ) ) )

INSTALLATION

Install via Composer

Run Composer in your legacy project:, (*9)

composer require yidas/magic-quotes

Then initialize it at the bootstrap of application such as config file:, (*10)

require __DIR__ . '/vendor/autoload.php';
MagicQuotesGpc::init();

Install Directly by Loading Class

Load the MagicQuotesGpc.php and initialize it:, (*11)

require __DIR__ . '/MagicQuotesGpc.php';
MagicQuotesGpc::init();

The Versions

08/06 2018

dev-master

9999999-dev https://github.com/yidas/php-magic-quotes-gpc

Implement magic_quotes_gpc on PHP 5.4 above version for legacy code

  Sources   Download

MIT BSD-3-Clause

sql injection magic quotes legacy code

24/03 2018

1.1.0

1.1.0.0 https://github.com/yidas/php-magic-quotes-gpc

Implement magic_quotes_gpc on PHP 5.4 above version for legacy code

  Sources   Download

MIT

sql injection magic quotes legacy code

05/09 2017

1.0.0

1.0.0.0 https://github.com/yidas/php-magic-quotes

Implement Magic Quotes to PHP 5.4 above version, which prevents SQL Injection for legacy code

  Sources   Download

BSD-3-Clause

sql injection magic quotes legacy code