Home > Article > Backend Development > What are the differences between php daddslashes() and saddslashes()_PHP Tutorial
What are the differences between php daddslashes() and saddslashes()_PHP Tutorial
- WBOYOriginal
- 2016-07-21 15:15:02689browse
//GPC filtering, automatically escapes special characters in $_GET, $_POST, $_COOKIE to prevent SQL injection attacks
$_GET = saddslashes($_GET);
$_POST = saddslashes($_POST ; ($string, $force = 0, $strip = FALSE) {
//Whether the string or array is forced or removed
//If the magic reference is not turned on or $force is not 0 if(! MAGIC_QUOTES_GPC || $force) { if(is_array($string)) { //If it is an array, loop this function foreach($string as $key => $val) { $string[$key] = daddslashes($val, $force);
} } else {
//If magic reference is on or $force is 0
//The following is a three Meta operator, if $strip is true, execute stripslashes to remove the backslash characters, and then execute addslashes
//$strip is true, that is, remove the backslash characters first and then escape them as $_GET,$ _POST, $_COOKIE and $_REQUEST The $_REQUEST array contains the values of the first three arrays
//Why do we need to remove the backslash and then escape the $string here, because sometimes $string may have two backslashes, stripslashes filters out excess backslashes
$string = addslashes($strip ? stripslashes($string) : $string);
}
}
return $string ;
}eg: saddslashes function saddslashes($string) { if(!MAGIC_QUOTES_GPC){
if(is_array($string)) { //If the escape is an array, recursively convert the value in the array Meaning
foreach($string as $key => $val) {
$string[$key] = saddslashes($val);
}
} else {
$string = addslashes($string); //Escape single quotes ('), double quotes ("), backslashes () and NUL (NULL characters)
}
return $string;
}else{
return $string;
}
The main thing is:
saddslashes can escape every data
Copy code
The code is as follows:
//If magic reference is on or $force is 0
//The following is a three Meta operator, if $strip is true, execute stripslashes to remove the backslash characters, and then execute addslashes
//$strip is true, that is, remove the backslash characters first and then escape them as $_GET,$ _POST, $_COOKIE and $_REQUEST The $_REQUEST array contains the values of the first three arrays
//Why do we need to remove the backslash and then escape the $string here, because sometimes $string may have two backslashes, stripslashes filters out excess backslashes
$string = addslashes($strip ? stripslashes($string) : $string);
}
}
return $string ;
}eg: saddslashes function saddslashes($string) { if(!MAGIC_QUOTES_GPC){
if(is_array($string)) { //If the escape is an array, recursively convert the value in the array Meaning
foreach($string as $key => $val) {
$string[$key] = saddslashes($val);
}
} else {
$string = addslashes($string); //Escape single quotes ('), double quotes ("), backslashes () and NUL (NULL characters)
}
return $string;
}else{
return $string;
}
The main thing is:
saddslashes can escape every data
Copy code
The code is as follows:
function saddslashes($string) {
if(is_array($string)) {
foreach($string as $key => $val) { $string[$key] = saddslashes($val); } } else { $string = addslashes($string);
} return $string;
}
http://www.bkjia.com/PHPjc/326187.html
www.bkjia.com
truehttp: //www.bkjia.com/PHPjc/326187.html
}
http://www.bkjia.com/PHPjc/326187.html
www.bkjia.com
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:Active and Passive in PHP Language Process Control_PHP TutorialNext article:Active and Passive in PHP Language Process Control_PHP Tutorial