PHP code to implement anti-injection and form submission value escaping

/**
* PHP form character escape
* Prevent sql injection
* edit bbs.it-home.org
*/
function quotes($content)
{
//If magic_quotes_gpc=Off, then start processing
if (!get_magic_quotes_gpc()) {
/ /Determine whether $content is an array
if (is_array($content)) {
//If $content is an array, then process each of its elements
foreach ($content as $key=>$value) {
$content[$key] = addslashes($value);
}
} else {
//If $content is not an array, then it will only be processed once
addslashes($content);
}
} else {
// If magic_quotes_gpc=On, then it will not be processed
}
//Return $content
return $content;
?>

Note: Use stripslashes () to remove backslashes when displaying stripslashes(), it can remove the (backslash) automatically added during addslashes() processing.

That’s it, a simple php function that can escape form submission content and prevent SQL injection.