What is the code to escape a string in PHP

The code for PHP to escape strings is "addcslashes("string","characters that require special meaning")" or "addslashes("string")"; addcslashes() and addslashes() functions You can escape a string by adding a backslash before specified characters in the string.

The operating environment of this tutorial: windows7 system, PHP7.1 version, DELL G3 computer

How to escape characters string?

Strings can use single quotes '', double quotes "", and delimiters 3 ways to define, the simplest way is to use single quotes <code>'' to define a string. When using strings, it is likely that these symbols that define strings will also need to be used as part of the string. In order to avoid confusion, the transfer character \ must be used in front of these symbols. .

\ is an escape character, and the first character immediately following \ will become a character with no meaning or special meaning.

For example, ' is a special symbol that defines a string. If it is written as \', it loses its function of defining a string and becomes an ordinary symbol. Single quotes. We can use echo "\'"; to output a single quote, and the escape character \ will not be displayed.

How to escape strings in PHP

Method 1: Use the addcslashes() function

The addcslashes() function returns a string with a backslash added before the specified character.

Example: Add a backslash before the character "A"

<?php 
$str = addcslashes("A001 A002 A003","A");
echo($str); 
?>

The addcslashes() function is case-sensitive.

Note: Please be careful when applying addcslashes() to the following characters: 0 (NULL), r (carriage return), n (line feed), f (form feed), t (tab), and v (vertical Tabs). In PHP, \0, \r, \n, \t, \f and \v are predefined escape sequences.

Method 2: Use addslashes() function

addslashes() function returns a string with a backslash added before predefined characters.

The predefined characters are:

• Single quotation mark (')

• Double quotation mark (")

• Backslash (\)

• NULL

The addslashes() function can be used to prepare strings for strings stored in the database as well as database query statements.

Example:

<?php 
header("Content-type:text/html;charset=utf-8");
$sql = "select * from php where website=&#39;PHP中文网&#39;";
$str = addslashes($sql);
echo $str.&#39;<br>&#39;;
?>

Note: By default, PHP automatically runs addslashes() on all GET, POST and COOKIE data. So you should not use addslashes() on escaped strings, because Will result in double-layer escaping. When encountering this situation, you can use the function get_magic_quotes_gpc() to detect it.

Recommended learning: "PHP Video Tutorial"

The above is the detailed content of What is the code to escape a string in PHP. For more information, please follow other related articles on the PHP Chinese website!