about backslash escaping in PHP:
The Magic reference function of data in PHP MAGIC_QUOTES_GPC or magic_quotes_runtime
When on, automatically escapes when the data encounters a single quote ' and double quotation mark ' and a backslash \ Null.
Notes: By default, PHP instruction MAGIC_QUOTES_GPC is on, and automatically runs Addslashes () for all GET, POST, and COOKIE data. Do not use Addslashes () for strings that have been MAGIC_QUOTES_GPC escaped, because this results in double-layer escaping. You can use the function GET_MAGIC_QUOTES_GPC () to detect this situation.
the difference between MAGIC_QUOTES_GPC and magic_quotes_runtime:
MAGIC_QUOTES_GPC
The scope of action is: Web customer service side;
Action time: When the request starts, such as when the script is running.
Magic_quotes_runtime
This function is the alias of the function: Set_magic_quotes_runtime ()
Scope: Data read from a file or executed by exec () or from a SQL query;
Action time: Data generated each time the script accesses the running state.
From This we can see:
MAGIC_QUOTES_GPC settings will affect data obtained through GET, POST, and Cookie
The Magic_quotes_runtime setting will affect the data read from the file or the data that is being queried from the database
Here are a couple of related functions:
Set_magic_quotes_runtime ():
Sets the Magic_quotes_runtime value. 0 or false for "off". 1 or True for "on". The default state is off. You can view the current state of the magic_quotes_runtime by using echo phpinfo ().
GET_MAGIC_QUOTES_GPC ():
View the MAGIC_QUOTES_GPC value. 0 or False for "off". 1 or true means "open".
Get_magic_quotes_runtime ():
View the Magic_quotes_runtime value. 0 or false for "off". 1 or true means "open".
It is important to note that there is no set_magic_quotes_gpc () function, that is, the value of MAGIC_QUOTES_GPC cannot be set in the program.
Because of the two-value setting problem, it can cause some confusion in programming, or it will be escaped more once, in this case, it needs to be set and judged at the beginning of the program, or the default configuration
Both values are closed. The escape part is executed by the program.
Ensure that data is normally inserted into the data using addslashes this to handle, the data read out when the use of stripslashes to remove the added backslash
similar character conversions or set-up functions in PHP
Ini_get get the values of some configuration options
Addslashes the specified predefined character before a backslash is added
Stripslashes removing backslashes added by the addslashes () function
Htmlspecialchars convert some pre-defined characters to HTML entities
Htmlspecialchars_decode convert some of the predefined HTML entities to characters
Html_entity_decode () converts an HTML entity to a character
Htmlentities () converts a character to an HTML entity
MAGIC_QUOTES_GPC and Magic_quotes_runtime differences in PHP and their anti-slash escaping problems