This article introduces the addslashes function and SQL injection prevention in PHP. The examples show how addslashes is used to guard against SQL injection and serve as a reference for secure PHP programming. The analysis is as follows:
addslashes() automatically adds a backslash ("\") before single and double quotation marks, so that data can be stored in the database without the quotes being exploited by attackers. In the related addcslashes() function, the range parameter 'A..z' specifies that all uppercase and lowercase letters are escaped. The code is as follows:
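<?php
// [ and ] are escaped too, because they lie between Z and a in ASCII
echo addcslashes('foo[]', 'A..z'); // output: \f\o\o\[\]
$str = "Is your name O'Reilly?"; // define a string that includes a character to be escaped
echo addslashes($str); // output the escaped string: Is your name O\'Reilly?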
Definition and usage: the addslashes() function adds a backslash before each of the predefined characters.
The predefined characters are: single quotation mark ('), double quotation mark ("), backslash (\), and NULL.
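As an added example (not code from the original article): addslashes() knows nothing about the quoting rules or character set of the database in use, and the PHP manual recommends prepared statements or the database's own escaping function for building queries. The sketch below stores the article's O'Reilly string in an in-memory SQLite database, first by concatenating addslashes() output and then with a bound parameter. The notes table, its body column and the availability of the pdo_sqlite extension are assumptions.

```php
<?php
// Added example, not from the original article. The notes table and its
// body column are hypothetical; requires the pdo_sqlite extension.

$str = "Is your name O'Reilly?";          // the article's sample string

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE notes (id INTEGER PRIMARY KEY, body TEXT)');

/**
 * Concatenate addslashes() output into the statement text.
 * Returns true if the row was stored, false if the statement was rejected.
 */
function insertWithAddslashes(PDO $pdo, string $value): bool
{
    $sql = "INSERT INTO notes (body) VALUES ('" . addslashes($value) . "')";
    try {
        $pdo->exec($sql);
        return true;
    } catch (PDOException $e) {
        // SQLite escapes a quote by doubling it ('') and treats the backslash
        // as an ordinary character, so the quote still ends the literal.
        echo "addslashes + concatenation rejected: ", $e->getMessage(), "\n";
        return false;
    }
}

/**
 * Bind the value as a parameter: it is sent as data and never parsed as SQL,
 * so no escaping is needed and the stored text is byte-for-byte the input.
 */
function insertWithParameter(PDO $pdo, string $value): bool
{
    $stmt = $pdo->prepare('INSERT INTO notes (body) VALUES (:body)');
    return $stmt->execute([':body' => $value]);
}

var_dump(insertWithAddslashes($pdo, $str));
var_dump(insertWithParameter($pdo, $str));

// Read back what was stored and compare it with the original input.
foreach ($pdo->query('SELECT body FROM notes') as $row) {
    var_dump($row['body'] === $str);
}
```

On a database that accepts backslash escapes inside string literals the first insert would succeed, so the outcome of the concatenated form depends on the server and its settings, while the bound parameter behaves the same everywhere.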
Syntax: addslashes(string). Of course, this function is safer. The example code is as follows:
<?php
$str = "test"; // define a string containing special characters
$new = htmlspecialchars($str, ENT_QUOTES); // convert special characters to HTML entities
echo $new; // output the conversion result
// Used for output
$str = "jane &amp; &#039;tarzance&#039;"; // define an HTML string
echo html_entity_decode($str); // output the converted content
echo "\n";
echo html_entity_decode($str, ENT_QUOTES); // output with the optional flags parameter
I hope this article will help you with PHP programming.