Detailed analysis and explanation of php addslashes function_PHP tutorial
WBOY
Release: 2016-07-21 15:45:29
Original
1001 people have browsed it
Syntax: string addslashes(string str); Content description This function adds slashes to the quoted part of the string that needs to be processed by the database, so that the database query can operate smoothly. The characters that will be changed include single quotes ('), double quotes ("), backslash () and the null character NUL (the null byte). ============ ================================================== == 1, the performance of addslashes in form submission first depends on the value of get_magic_quotes_gpc(), which is usually 1. At this time, the content submitted from For example, input ' becomes ' , " becomes " , becomes \ Example: PHP code:
Copy code The code is as follows:
test
echo get_magic_quotes_gpc(). " A ".$_POST['message']. " B ".stripslashes($_POST['message' ]); ?>
Input: include('/home/me/myfile');
Output: 1 A include('/home/me/myfile'); B include('/home/me/myfile'); Summary: When get_magic_quotes_gpc() is equal to 1, if you do not enter the database, then you get The result is with a slash.
2, the performance of addslashes when submitting to the database. Example:
Copy the code
The code is as follows: test
require_once('includes/common.php'); $db->query("INSERT INTO `testtable` ( id , content ) VALUES ('1' , '".$_POST['message']."')"); $query=$db->query("select * from `testtable` where `id` = 1;"); $Result=$db->fetch_array($query); echo get_magic_quotes_gpc(). " A ".$_POST['message']. " B ".$Result['content']; ?>
Input: include('/home/me/myfile '); Output: 1 A include('/home/me/myfile'); B include('/home/me/myfile');
Summary: When get_magic_quotes_gpc() is equal to 1, if After entering the database, when you read it directly from the database, you can get the input string without making any modifications.
3, get_magic_quotes_gpc()
The settings of get_magic_quotes_gpc() on the server cannot be modified at runtime. In other words, you must consider different situations in advance in your web page code. Otherwise, when you submit the data, you still don’t know whether the server added a slash to you. The following two popular functions on the Internet may be what everyone needs. I personally like the second one: PHP code:
Copy code
The code is as follows: function my_addslashes( $message ){
The simple explanation is that if get_magic_quotes_gpc() is equal to 1 (the server default setting is 1), then our string can be directly stored in the database without modification. Otherwise, we use the addslashes function.
http://www.bkjia.com/PHPjc/320351.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/320351.htmlTechArticle Syntax: string addslashes(string str); Content description: This function removes quotation marks in the string that needs to be processed by the database. Add slashes to the part to allow database query to operate smoothly. This...
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn