Analysis of the security principle of using addslashes function escaping in PHP, addslashes escaping_PHP tutorial

Analysis of the security principle of using addslashes function escaping in PHP, addslashes escaping

The example in this article describes the analysis of the security principles of using addslashes function escaping in PHP. Share it with everyone for your reference. The specific analysis is as follows:

Let’s first take a look at the prototype of addslashes_deep in ECshop

Copy code The code is as follows:

function addslashes_deep($value) {
If (empty($value)) {
           return $value; //If it is empty, return directly;
} else {
           return is_array($value) ? array_map('addslashes_deep', $value): addslashes($value);
} } //Process the array recursively until all array elements are traversed;
}

There is nothing wrong with the addslashes_deep function itself, but you have to pay attention when using it
I just happened to see someone posting on the Internet today about the BUG injection vulnerability used by this function
This function only escapes the value of the data when referencing the callback function addslashes. Therefore, if the user refers to the keys of the array for specific processing during this process, there is a risk of $key injection. In this case, the addslashes_deep function can be changed to make it At the same time, escape the key value, or explicitly do not quote the key content when using it.

I hope this article will be helpful to everyone’s PHP programming design.

The purpose of addslashes() function in php

addslashes -- Use backslashes to quote strings

string addslashes ( string str )

Returns a string that needs to be preceded by certain characters for database query statements, etc. Backslash added. These characters are single quote ('), double quote ("), backslash (\) and NUL (NULL character).

An example of using addslashes() is when you want to enter data into a database For example, if you insert the name O'reilly into the database, you need to escape it. Most databases use \ as the escape character: O\'reilly. This will put the data into the database without inserting it. Extra \. When the PHP directive magic_quotes_sybase is set to on, it means that ' will be escaped when inserting '

By default, the PHP directive magic_quotes_gpc is on, which is mainly used for all GET, POST and COOKIE data automatically run addslashes(). Do not use addslashes() on strings that have been escaped by magic_quotes_gpc, because this will cause double-level escaping. You can use the function get_magic_quotes_gpc() to detect this situation.

What should I do if addslashes cannot be retrieved normally after escaping them? I can’t retrieve them even after escaping them

See if you need to dequote a string escaped using addcslashes. You can use the stripcslashes function to decode it

http://www.bkjia.com/PHPjc/904929.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/904929.htmlTechArticleAnalysis of the security principles of using addslashes function escaping in PHP, addslashes escaping This article describes the use of addslashes in PHP Analysis of the security principles of function escape. Share it with everyone for everyone...