Analysis on the usage of addcslashes and stripcslashes functions in PHP-PHP Tutorial-php.cn

Home

Backend Development

PHP Tutorial

Analysis on the usage of addcslashes and stripcslashes functions in PHP

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jul 29, 2016 am 09:07 AM

addcslashessql

This article analyzes the usage of addcslashes and stripcslashes functions in PHP with examples. I share it with you for your reference. The details are as follows:

When I write the English version of a website, I fill in the English information after I finish writing it. There is no problem when I fill it in casually, but every time I fill in the specified content, I can’t fill it in. and no error was reported. I checked the database and found that this field used the "TEXT" data type. I thought it was because the content was too long, so I changed the data type to "longtext", but when I submitted it, I still found that The same problem occurs. Let's introduce the addcslashes function to you!

Later, I asked my colleagues for help, and they found out that the reason is the punctuation "'" in English. After MySQL executes here, it automatically thinks that the statement has ended, so it cannot be added. Now that you have found the problem, you have to find the corresponding solution, which is to add the escape character "" before all "'" in the text content. It just so happens that PHP provides the ability to automatically add or remove escapes from strings. The character functions addcslashes and stripcslashes, so after adding the test, the problem was solved! It can be seen that I am not strict enough when writing programs on weekdays, and always ignore such and such details. If a HACKER discovers these problems and exploits them, the website It’s basically OVER, so everyone must take this as a warning and don’t make the same mistake as me.

The following is a brief introduction to the usage of these two functions:

string addcslashes(string str, string charlist)

The first parameter str is the original string of the lost object

The second parameter charlist indicates that it needs to be in the original string Which characters are preceded by the character "".

string stripcslashes(string str)

Remove "" from string.

In addition, you can use the addslashes function to directly escape "'".

The example is as follows:

";
 $new_sql = addcslashes($sql,"'");
 echo $new_sql."<br>";
 $new_sql_01 = stripcslashes($new_sql);
 echo $new_sql_01."<br>";
 echo addslashes($sql);
?>

The running result is as follows:

update book set bookname='let's go' where bookid=1
update book set bookname=\'let\'s go\' where bookid=1
update book set bookname='let's go' where bookid=1
update book set bookname=\'let\'s go\' where bookid=1

I hope this article will be helpful to everyone in PHP programming.

The above introduces the usage analysis of addcslashes and stripcslashes functions in PHP, including the relevant aspects. I hope it will be helpful to friends who are interested in PHP tutorials.

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

How do you create and use an interface in PHP?Apr 30, 2025 pm 03:40 PM

The article explains how to create, implement, and use interfaces in PHP, focusing on their benefits for code organization and maintainability.

What is the difference between crypt() and password_hash()?Apr 30, 2025 pm 03:39 PM

The article discusses the differences between crypt() and password_hash() in PHP for password hashing, focusing on their implementation, security, and suitability for modern web applications.

How can you prevent Cross-Site Scripting (XSS) in PHP?Apr 30, 2025 pm 03:38 PM

Article discusses preventing Cross-Site Scripting (XSS) in PHP through input validation, output encoding, and using tools like OWASP ESAPI and HTML Purifier.

What is autoloading in PHP?Apr 30, 2025 pm 03:37 PM

Autoloading in PHP automatically loads class files when needed, improving performance by reducing memory use and enhancing code organization. Best practices include using PSR-4 and organizing code effectively.

What are PHP streams?Apr 30, 2025 pm 03:36 PM

PHP streams unify handling of resources like files, network sockets, and compression formats via a consistent API, abstracting complexity and enhancing code flexibility and efficiency.

What is the maximum size of a file that can be uploaded using PHP ?Apr 30, 2025 pm 03:35 PM

The article discusses managing file upload sizes in PHP, focusing on the default limit of 2MB and how to increase it by modifying php.ini settings.

What is Nullable types in PHP ?Apr 30, 2025 pm 03:34 PM

The article discusses nullable types in PHP, introduced in PHP 7.1, allowing variables or parameters to be either a specified type or null. It highlights benefits like improved readability, type safety, and explicit intent, and explains how to declar

What is the difference between the unset() and unlink() functions ?Apr 30, 2025 pm 03:33 PM

The article discusses the differences between unset() and unlink() functions in programming, focusing on their purposes and use cases. Unset() removes variables from memory, while unlink() deletes files from the filesystem. Both are crucial for effec

See all articles