Freelance PHP programmer India | Freelance web developer india | Web development India | web developer CV india | Compiling PHP and Apache 2 from source on Linux
Why not to use Magic Quotes
-
Portability
Assuming it to be on, or off, affects portability. Use
get_magic_quotes_gpc() to check for this, and code
accordingly.
-
Performance
Because not every piece of escaped data is inserted into a
database, there is a performance loss for escaping all this data.
Simply calling on the escaping functions (like
addslashes()) at runtime is more efficient.
Although php.ini-dist enables these directives
by default, php.ini-recommended disables it.
This recommendation is mainly due to performance reasons.
-
Inconvenience
Because not all data needs escaping, it's often annoying to see escaped
data where it shouldn't be. For example, emailing from a form, and
seeing a bunch of \' within the email. To fix, this may require
excessive use of stripslashes().