Apostrophe and Backslash error in WordPress – it’s Magic Quotes

/, Hacks, How To, Pura Vida MultiMedia, Web Design/Apostrophe and Backslash error in WordPress – it’s Magic Quotes

On a high quality self-marketing blog that I manage, when someone would add a comment that included an apostrophe, the apostrophe would populate on the page with a backslash behind it.

From ‘ to /’ every time.

I could manually edit these in the WordPress backend, or even use a search and replace plugin on the comment fields in the WP database, but come on, this is wordpress. I want a plugin or an easy piece of code that can fix it.

Unfortunately, this issue does not exist solely inside of the WordPress core, or  it would be resolved with an upgrade. It also is not an issue caused solely by any one plugin, although deactivating your plugins can lead you to find out which plugin is contributing to the error.

The real problem is the way that some plugins interact with your SQL Database.

One site, with one host, with a specific set of plugins will not manifest this issue, where apostrophes add unwanted backslashes in WordPress. Sometimes it’s in the Comments field, sometimes it’s in the post copy, and sometimes it’s in the titles.

When my problem (which came from a Mailchimp-signup-in-the-comments plugin) started showing up in the titles of my posts, I knew it was time to brave the searches once again, and defeat this issue once and for all.

The difficulty with finding an answer to the backslash-apostrophe WordPress problem is that the search results for this problem provide answers to problems way back in WordPress 2.3, referencing plugins that are no longer active, and MySQL Database hacks that are no longer applicable, due to upgrades in the WordPress core, PHP, and Apache over the past few years.

I had to research this issue multiple times to finally find a piece of recent code that worked for me.

The backslash-apostrophe answer: stripslashes.

I had tried some stripslashes code before, to no avail; finally, I found this piece of code in the WordPress codex and put it into functions.php:

if ( get_magic_quotes_gpc() ) {
$_GET = stripslashes_deep($_GET );
$_POST = stripslashes_deep($_POST );
$_COOKIE = stripslashes_deep($_COOKIE);
}

The codex offers an explanation and a caveat:

The existence of magic quotes has been a headache for many PHP composers. Future versions of PHP may very likely deprecate them. Code will, however, need to continue to work around them as long as PHP4 and PHP5 remain in use.
Please Note: On any page load where WordPress itself loads, the above example will be unreliable. Very early in its execution, WordPress intentionally adds “magic quotes” for the sake of consistency. This is regardless of the return of get_magic_quotes_gpc(). Core code, and plugins all over, expect the values of $_REQUEST etc to be escaped.

Search and Replace ‘Backslash Apostrophe’ for ‘Apostrophe’

Although this method will prevent any future apostrophes from rendering with backslashes, all the current “/'” entries still exist in the blog.

I used a search and replace plugin that can run on your ENTIRE wordpress database. Be careful to run this plugin ONLY on post content, comments, and titles; replacing backslashes in your code would not be a good idea.

Stripping slashes in php

PHP.net offers two methods of disabling magic quotes: one from the server side, and one at runtime.

Although I have not tried these solutions, here are some other options:

Disabling magic quotes in .htaccess file:

php_flag magic_quotes_gpc Off

Disabling magic quotes on your server

In php.ini, paste this code:

; Magic quotes;

; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = Off

; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off

; Use Sybase-style magic quotes (escape ‘ with ” instead of \’).
magic_quotes_sybase = Off

Disabling magic quotes during page load:

<?php
if (get_magic_quotes_gpc()) {
$process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
while (list($key, $val) = each($process)) {
foreach ($val as $k => $v) {
unset($process[$key][$k]);
if (is_array($v)) {
$process[$key][stripslashes($k)] = $v;
$process[] = &$process[$key][stripslashes($k)];
} else {
$process[$key][stripslashes($k)] = stripslashes($v);
}
}
}
unset($process);
}
?>

For more information on why magic quotes sucks, read the article on Wikipedia.

By | 2016-12-20T07:37:22+00:00 January 28th, 2013|Blog, Hacks, How To, Pura Vida MultiMedia, Web Design|

About the Author:

Father of 3. WordPress website designer. Creative director @ Stellar Platforms. Writer, multimedia producer, digital marketer, and retired superhero.

9 Comments

  1. Caelan Huntress January 28, 2013 at 9:41 am - Reply

    Does this solution work for your website? Leave a comment and let me know.

    • Yasemin March 22, 2014 at 11:11 pm - Reply

      Wow! Talk about a way to redo a classic, amoslt cliche9, tattoo. The best, refreshing, new anchor look I ever saw!Amazing, just like everything else I’ve seen on this site!

  2. Zeeshan Khan April 19, 2014 at 3:16 am - Reply

    Works great. I just embedded this in my wordpress plugin of query interface where I was having issue in executing the query with single quotes.

  3. Ruth Davies May 4, 2014 at 2:11 am - Reply

    I have tried this on my WP website, but does not working there. I am not very sure why this problem occurring on this website, I using few plugins. Is there any code for my function.php in WordPress theme.

    Regards,
    Ruth, UK

  4. Daniel B September 14, 2014 at 9:40 pm - Reply

    In functions.php worked for me. I had this issue in “Ajax Event Calendar” plugin. Solved, thank you.

  5. Jeanine April 6, 2016 at 7:20 am - Reply

    Should i put it in the normal functions file or in the child-theme functions file?

    • Caelan Huntress April 6, 2016 at 1:56 pm - Reply

      Try it in the child theme functions.php first, and if that doesn’t work graduate it.

Leave A Comment