During development, we must pay attention to preventing sql injection, so the values submitted by the form must be processed accordingly before the data can be updated into the database
php sweeps the army function. Any value can be passed in for conversion
Copy code The code is as follows:
function quotes($content)
{
//If magic_quotes_gpc=Off, then start processing If (!get_magic_quotes_gpc()) { //Determine whether $content is an array
if (is_array($content)) {
//If $content is an array, then process each element of it
foreach ($content as $key=>$value) {
$content[$key] = addslashes($value);
If magic_quotes_gpc=On, then it will not be processed.
} 🎜>stripslashes(), it can remove the (backslash) automatically added when processing addslashes()
http://www.bkjia.com/PHPjc/327587.html
www.bkjia.com
true
http: //www.bkjia.com/PHPjc/327587.html
TechArticle
During development, we must pay attention to preventing sql injection, so the values submitted by the form must be processed accordingly. , only then can the data be updated into the database using the PHP function. Any value...
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
