PHP addslashes function Detailed analysis explanation _php Foundation

Syntax: string addslashes (String str);
Content Description
This function slashes the quotation marks in strings that need to be processed by the database so that database queries (query) can function smoothly. The characters that will be changed include single quotes ('), double quotes ("), backslash backslash (\), and null character NUL (the null byte).
================================================================
1, the presentation of addslashes in form submission.
The first thing to look at is the value of GET_MAGIC_QUOTES_GPC (), typically 1. This time, the content submitted from <TEXTAREA> will be automatically preceded by a slash.
For example, the input ' becomes ', ' becomes ', ' becomes \
Example:
PHP Code:

Copy Code code as follows:

<body>
<form action= "" method=post>
<textarea name=message rows= "cols=" >default text</textarea>
<input Type=submit Value=submit name=submit></form>
<?php
Echo GET_MAGIC_QUOTES_GPC ().
"A". $_post[' message '.
"B". Stripslashes ($_post[' message '));
?>
</body>

Input: Include ('/home/me/myfile ');
Output: 1 A include (\ '/home/me/myfile\ '); B include ('/home/me/myfile ');
Summary: GET_MAGIC_QUOTES_GPC () is equal to 1, if you do not enter the database, then you get the result is added a slash.
2, when submitting the input database Addslashes performance.
Example:
PHP Code:

Copy Code code as follows:

<body>
<form action= "" method=post>
<textarea name=message rows= "cols=" >default text</textarea>
<input Type=submit Value=submit name=submit></form>
<?php
Require_once (' includes/common.php ');
$db->query ("INSERT into ' testtable ' (ID, content) VALUES (' 1 ', '". $_post[' message '); ");
$query = $db->query ("select * from ' testtable ' where ' id ' = 1;");
$Result = $db->fetch_array ($query);
Echo GET_MAGIC_QUOTES_GPC ().
"A". $_post[' message '.
"B". $Result [' content '];
?>
</body>

Input: Include ('/home/me/myfile ');
Output: 1 A include (\ '/home/me/myfile\ '); B include ('/home/me/myfile ');
Summary: GET_MAGIC_QUOTES_GPC () is equal to 1 of the case, if the input database, and then read directly from the database, you do not make any changes you can get the input string.
3, GET_MAGIC_QUOTES_GPC ()
GET_MAGIC_QUOTES_GPC () on the server is the settings can not be runtime modified, that is, you must be in your Web code in advance to consider a different situation, otherwise, when you submit the data, you do not know that the server gave you a slash did not. The following two popular online functions may be needed, and individuals like the second:
PHP Code:

Copy Code code as follows:

function My_addslashes ($message) {
if (GET_MAGIC_QUOTES_GPC () = = 1) {
return $message;
}else{
if (Is_array ($message) ==true) {
while (list ($key, $value) =each ($message)) {
$message [$key]=my_addslashes ($value);
}
return $message;
}else{
Return addslashes ($message);
}
}
}

PHP Code:

Copy Code code as follows:

function My_addslashes ($data) {
if (!GET_MAGIC_QUOTES_GPC ()) {
Return Is_array ($data) array_map (' addslashes ', $data): Addslashes ($data);
} else {
return $data;
}
}

The simple explanation is that if GET_MAGIC_QUOTES_GPC () is equal to 1 (the server defaults to 1), our string can be stored directly into the library without modification. Otherwise, we use the Addslashes function.