Home  >  Article  >  Backend Development  >  php addslashes sql anti-injection function

php addslashes sql anti-injection function

高洛峰
高洛峰Original
2016-11-29 14:46:181562browse

addslashes can automatically add \\\ to single quotes and double quotes, so that we can safely store data in the database without being exploited by hackers. The parameter 'a..z' defines that all uppercase and lowercase letters will be converted Meaning, the code is as follows:

echo addcslashes('foo[ ]','a..z'); //Output: foo[ ]

$str="is your name o'reilly?"; //Define characters Strings, including characters that need to be escaped

echo addslashes($str); //Output the escaped string

//Open source code phpfensi.com

Definition and usage: The addslashes() function is used in the specified preset Add a backslash before defining the character.

These predefined characters are: single quote ('), double quote ("), backslash (), null

Syntax: addslashes(string), of course this function is safer, The example code is as follows:

$str="; //Define strings containing special characters

$new=htmlspecialchars($str,ent_quotes ); //Perform conversion operation

echo $new; html string

echo html_entity_decode($str); //Output the converted content

echo "
";

echo html_entity_decode($str,ent_quotes); //Output with optional parameters Content