Special concept. ', Since the program automatically determines magic_quotes_gpc and automatically escapes all POST and GET data (under addslashes), the $message[sitename] in the above array becomes a native tribe before entering the database. When the mysql database is saved, the saved content is still the native tribe (don't ask me 'how to enter the mysql library and it becomes'). This is the escaping feature of mysql, and most databases also rely on escaping. ), there is no problem at this time. I thought of several solutions:
'uid' => 1,
'nickname' => 'Potato Man',
'site' => ”,
'sitetype' => 1,
'starttime' => 1191074174,
'lasttime' => 1191629784,
'totleviews' => 14,
'totleblogs' => 3
);
The problem arises when this field is found from the database and then unserialized. Since the value of the tribe is not escaped from the database, it will be unserialized. fail.
First, this array no longer exists in a field, and each key exists independently in a field. If this is excluded, the system is already running, and it is troublesome to change it. explain.
Second, addslashes the serialized array before storing the data in mysql. At this time, the data stored in mysql is the tribe, but the database finds that the data after unserialization is still the tribe, so it needs to be done again. Stripslashes this array one by one.
Third, give up the user experience :), do not allow '/" to appear, and it will be automatically replaced if it exists
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
