Analysis on the usage of addcslashes and stripcslashes functions in PHP

This article analyzes the usage of addcslashes and stripcslashes functions in PHP with examples. I share it with you for your reference. The details are as follows:

When I write the English version of a website, I fill in the English information after I finish writing it. There is no problem when I fill it in casually, but every time I fill in the specified content, I can’t fill it in. and no error was reported. I checked the database and found that this field used the "TEXT" data type. I thought it was because the content was too long, so I changed the data type to "longtext", but when I submitted it, I still found that The same problem occurs. Let's introduce the addcslashes function to you!

Later, I asked my colleagues for help, and they found out that the reason is the punctuation "'" in English. After MySQL executes here, it automatically thinks that the statement has ended, so it cannot be added. Now that you have found the problem, you have to find the corresponding solution, which is to add the escape character "" before all "'" in the text content. It just so happens that PHP provides the ability to automatically add or remove escapes from strings. The character functions addcslashes and stripcslashes, so after adding the test, the problem was solved! It can be seen that I am not strict enough when writing programs on weekdays, and always ignore such and such details. If a HACKER discovers these problems and exploits them, the website It’s basically OVER, so everyone must take this as a warning and don’t make the same mistake as me.

The following is a brief introduction to the usage of these two functions:

string addcslashes(string str, string charlist)

The first parameter str is the original string of the lost object

The second parameter charlist indicates that it needs to be in the original string Which characters are preceded by the character "".

string stripcslashes(string str)

Remove "" from string.

In addition, you can use the addslashes function to directly escape "'".

The example is as follows:

<&#63;php
$sql = "update book set bookname='let's go' where bookid=1";
 echo $sql."<br/>";
 $new_sql = addcslashes($sql,"'");
 echo $new_sql."<br/>";
 $new_sql_01 = stripcslashes($new_sql);
 echo $new_sql_01."<br/>";
 echo addslashes($sql);
?>

The running result is as follows:

update book set bookname='let's go' where bookid=1
update book set bookname=\'let\'s go\' where bookid=1
update book set bookname='let's go' where bookid=1
update book set bookname=\'let\'s go\' where bookid=1

I hope this article will be helpful to everyone in PHP programming.

The above introduces the usage analysis of addcslashes and stripcslashes functions in PHP, including the relevant aspects. I hope it will be helpful to friends who are interested in PHP tutorials.