As I was following the tutorial on How To Create a Theme Options Page for Your WordPress Theme, from ForTheLose.org, I stumbled upon an irritating issue. I wanted to create an option where you can paste your Google Ad Sense code from the theme admin panel. The problem is, as soon as I drop stuff like HTML code into the field, it automatically adds unwanted backslashes in front of double quotes. As I later figured out, this is actually a “feature” in PHP known as “Magic Quotes”.
What the heck are “Magic Quotes”
For those who know PHP, the language is designed to avoid conflicts in strings (mostly characters used in variables) through the use of escape sequences. Escape sequences are formed by providing a (“\”) backslash in front of characters such as double quotes, to convert them into a literal string. The people who wrote PHP wanted this to be an automated process, so they decided that all text passed through online forms are automatically escaped with a backslash. This is known as Magic Quotes. Although their intentions were good, it has caused more problems than fixes. According to the PHP.net: Magic Quotes are deprecated as of version 5.3 and will not be part of future versions.
WordPress Fix
Although you can disable Magic Quotes in your hosting server php.ini file, it won’t do me any good since I’m developing a theme to be released for public use. This means that users of my theme will have various server configurations and telling them to turn this feature off is simply not an option. Luckily, WordPress has adapted PHP.net’s function “stripslashes deep” – which disables Magic Quotes at runtime. All you need to do is paste the following code into your theme file and should take care of the issue:
1 2 3 4 5 6 7 8 | <?php if ( get_magic_quotes_gpc() ) { $_POST = array_map( 'stripslashes_deep', $_POST ); $_GET = array_map( 'stripslashes_deep', $_GET ); $_COOKIE = array_map( 'stripslashes_deep', $_COOKIE ); $_REQUEST = array_map( 'stripslashes_deep', $_REQUEST ); } ?> |
The above code strips slashes when data arrives via $_POST, $_GET, $_COOKIE, and $_REQUEST methods. In my case, I’ve pasted this code inside my functions.php file which contain my theme options. This page alone will serve multiple textarea input fields which will allow special characters such as Google Analytics and AdSense code. Note that this can be used in any page with input fields such as a contact and RSVP forms.
BTW, Interested in different hosting options? Learn about the best cloud storage services with Peer1.
Well just posting this expose to conduct that I seize your blog daily.
Nice. Worked for me. Thanks
Was having this problem with a wordpresss theme that had built in theme options for AdSense. Your bit of Code still works.
tanks spanky
Very useful. Just what I was looking for. You rock!
Where do I paste this in the functions file please? Pulling my hair out.
I’ve tried it before the post method, at the end very of the document and at the start.
Any advice much appreciated!
Thanks
you can paste anywhere in functions.php
Unfortunately by adding this piece of code at the end of functions.php I get internal server error 500.
Hi there Micheal, I’m having the same internal server error as Tim… I guess your method is the best out there, but I’d love to get it working! Any idea about where’s exactly the best place to add your piece of code? Thanks in advance, take care.
Worked like a charm. Thank you so much!