Home >Backend Development >PHP Tutorial >php addslashes sql anti-injection function_PHP tutorial
php addslashes sql anti-injection function_PHP tutorial
- WBOYOriginal
- 2016-07-20 11:02:081135browse
addslashes can automatically add single quotes and double quotes, so that we can safely store data in the database without being exploited by hackers. *///The parameter 'A..z' defines that all uppercase and lowercase letters are escaped echo addcslashes('foo[ ]','A..z'); //Output: foo[ ]
addslashes can automatically add single quotes and double quotes, so that we can safely store data in the database tutorial without being exploited by hackers.
*/
//The parameter 'a..z' defines that all uppercase and lowercase letters are escaped
echo addcslashes('foo[ ]','a..z'); //Output: foo[ ]
//
$str="is your name o'reilly?"; //Define string, including characters that need to be escaped
echo addslashes($str); //Output the escaped string
/*
Definition and Usage
The addslashes() function adds a backslash before the specified predefined characters.
These predefined characters are:
Single quote (')
Double quotes (")
backslash ()
null
Grammar
addslashes(string)
*/
//Of course this function is safer
$str="test"; //Define a string containing special characters
$new=htmlspecialchars($str,ent_quotes); //Perform conversion operation
echo $new; //Output the conversion result
//But you need to use
$str="jane & 'tarzan'"; //Define html string
echo html_entity_decode($str); //Output the converted content
echo "
";
echo html_entity_decode($str,ent_quotes); //Content output with optional parameters