Parsing PHP into and out of the database_PHP tutorial

What should you pay attention to when putting data into the database and taking it out to display on the page
When entering the database
$str=addslashes($str);
$ sql="insert into `tab` (`content`) values('$str')";
When leaving the warehouse
$str=stripslashes($str );
When displayed
$str=htmlspecialchars(nl2br($str));
//-- Title, name and other fields are processed into the database (remove leading and trailing spaces)
functiontrans_string_trim($str){
$str=trim($str);
$str=eregi_replace("'"," ''",$str);
$str=stripslashes($str);
return$str;
}
//--Article storage processing, that is, textarea field;
functiontrans_string($str){
$str=eregi_replace("'","''",$str);
$str=stripslashes($str);
return$ str;
}
//--Displayed in the form from the library; converted with trans in text, in textarea, no conversion required, displayed directly
//--Displayed in WEB Page, filter HTML code; including link address
functiontrans($string){
$string=htmlspecialchars($string);
$string=ereg_replace(chr(10),"$string=ereg_replace(chr(32),"",$string);
return$string;
}
//--displayed in WEB pages, HTML codes are not filtered;
functiontrans_web($string){
$string=ereg_replace(chr(10),"
",$string);
$string= ereg_replace(chr(32),"",$string);
return$string;
}
//--Displayed on the WEB page, filtering HTML code and leading and trailing spaces, mainly used To display user nickname
functiontrans_trim($string){
$string=trim($string);
$string=htmlspecialchars($string);
$string=ereg_replace(chr( 10),"
",$string);
$string=ereg_replace(chr(32),"",$string);
return$string;
}
//--Displayed in span;
functiontrans_span($string){
$string=ereg_replace(chr(10),"n",$string);
$string=ereg_replace (chr(32),"",$string);
$string=ereg_replace('"',""",$string);
return$string;
}
//--Display cookies on WEB, filter html
functiontrans_cookie($str){
$str=trans($str);
$str=stripslashes($str);
$str=eregi_replace("''","'",$str);
return$str;
}
?>

http://www.bkjia.com/PHPjc/327911.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/327911.htmlTechArticleThe data is put into the database and taken out to display on the page what needs to be paid attention to when entering the database $str=addslashes($str) ; $sql="insert into `tab` (`content`) values('$str')"; When leaving the library, $str=stripsla...