From 79bcbeb4cfddf28ebaf495fb54fb4c3c2478574f Mon Sep 17 00:00:00 2001
From: Matthieu Leproux <matthieu.leproux@gmail.com>
Date: Wed, 16 Nov 2022 14:11:30 +0100
Subject: [PATCH] (cp 96a4e21) fixed #1792 user input escape works for php8

---
 include/common.inc.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/include/common.inc.php b/include/common.inc.php
index cdb577fed..2ab4a2243 100644
--- a/include/common.inc.php
+++ b/include/common.inc.php
@@ -17,7 +17,11 @@ $t2 = microtime(true);
 // addslashes to vars if magic_quotes_gpc is off this is a security
 // precaution to prevent someone trying to break out of a SQL statement.
 //
-if(function_exists('get_magic_quotes_gpc') && !@get_magic_quotes_gpc() )
+// The magic quote feature has been disabled since php 5.4
+// but function get_magic_quotes_gpc was always replying false.
+// Since php 8 the function get_magic_quotes_gpc is also removed
+// but we stil want to sanitize user input variables.
+if(!function_exists('get_magic_quotes_gpc') or !@get_magic_quotes_gpc() )
 {
   function sanitize_mysql_kv(&$v, $k)
   {