htmlspecialchars(),addslashes()详解

Home

Backend Development

PHP Tutorial

htmlspecialchars(),addslashes()详解_PHP

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 23, 2016 pm 01:38 PM

htmlspecialchars()

默认你已经了解HTML字符实体

$html = "

1.htmlspecialchars($html)

作用:传入字符串$html,将$html中包含等HTML中预留的字符,转换成字符实体,返回转换后的字符串

应用场景:

a.想在HTML中直接显示源码(等同右击=>查看源码效果),此时可以使用htmlspecialchars()对想输出的源码进行转义;

b.文本过滤:在表单页,防止恶意注入,如在输入框中输入,此时使用htmlspecialchars()转义后,该脚本中的将会被转为字符实体,在php中不会执行.

2.addslashes($html)

作用:传入字符串$html,addslashes()会将$html中的单引,双引号全部转义

应用场景:

a.数据库插入大段HTML字符串

示例代码:

<?php $html = "<div id='MH370'>MH370<div>";$hsc = htmlspecialchars($html);$ass = addslashes($html);var_dump($html);var_dump($hsc);var_dump($ass);?>  <p>返回结果:</p>  <p></p>  <pre name="code" class="sycode">string '<div id="MH370">MH370<div>' (length=26)string <span style="color:#cc0000;">'<div id='MH370'>MH370<div></span>' (length=38)string '<div id="\'MH370\'">MH370<div>' (length=28)  <br>  <br>  <p></p>  <br>  <p></p> </div>
</div>
</div>
</div>

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

What is the full form of PHP?Apr 28, 2025 pm 04:58 PM

The article discusses PHP, detailing its full form, main uses in web development, comparison with Python and Java, and its ease of learning for beginners.

How does PHP handle form data?Apr 28, 2025 pm 04:57 PM

PHP handles form data using $\_POST and $\_GET superglobals, with security ensured through validation, sanitization, and secure database interactions.

What is the difference between PHP and ASP.NET?Apr 28, 2025 pm 04:56 PM

The article compares PHP and ASP.NET, focusing on their suitability for large-scale web applications, performance differences, and security features. Both are viable for large projects, but PHP is open-source and platform-independent, while ASP.NET,

Is PHP a case-sensitive language?Apr 28, 2025 pm 04:55 PM

PHP's case sensitivity varies: functions are insensitive, while variables and classes are sensitive. Best practices include consistent naming and using case-insensitive functions for comparisons.

How do you redirect a page in PHP?Apr 28, 2025 pm 04:54 PM

The article discusses various methods for page redirection in PHP, focusing on the header() function and addressing common issues like "headers already sent" errors.

Explain type hinting in PHPApr 28, 2025 pm 04:52 PM

Article discusses type hinting in PHP, a feature for specifying expected data types in functions. Main issue is improving code quality and readability through type enforcement.

What is PDO in PHP?Apr 28, 2025 pm 04:51 PM

The article discusses PHP Data Objects (PDO), an extension for database access in PHP. It highlights PDO's role in enhancing security through prepared statements and its benefits over MySQLi, including database abstraction and better error handling.

How to create API in PHP?Apr 28, 2025 pm 04:50 PM

Article discusses creating and securing PHP APIs, detailing steps from endpoint definition to performance optimization using frameworks like Laravel and best security practices.

See all articles