ThinkPHP automatically escapes when submitting a form

This article mainly introduces how ThinkPHP automatically escapes when submitting a form. it can solve the problem of automatic transfer of single quotes and double quotes. It provides two solutions for comparison and selection, it has some practical value. if you need it, you can refer to the examples in this article to describe how ThinkPHP automatically escapes when submitting a form. Share it with you for your reference. The specific method is as follows:

I. problems:

When submitting a form to insert data in ThinkPHP, single quotation marks and double quotation marks are automatically escaped, that is, the backslash is automatically added, but I do not want to add a backslash to single quotation marks and double quotation marks.

When submitting a form to insert data in ThinkPHP, single quotes and double quotes are automatically escaped, that is, the backslash is automatically added, but I do not want to add a backslash to single quotes and double quotes, when submitting a form to insert data in ThinkPHP, single quotes and double quotes are automatically escaped, that is, the backslash is automatically added, but I do not want to add a backslash to single quotes and double quotes, for example, hds "gh" j 'G' h is automatically escaped as hds \ "gh \" j \ 'G \ 'h.

Please note that you need to cancel this escape function, instead of using the stripslashes () function to delete these backslashes, that is, you do not need the official automatic escape function.

II. solution:

Find the solution on the Internet:

1. open the thinkphp \ Lib \ Driver \ Db directory in sequence under the ThinkPHP directory, and modify the function of the escapeString function in the file dbmysql. class. php:

The code is as follows:

Public function escapeString ($ str ){
// Modify the double escape of double quotation marks for a week.
If (! Get_magic_quotes_gpc ()){
If ($ this-> _ linkID ){
Return mysql_real_escape_string ($ str, $ this-> _ linkID );
} Else {
Return mysql_escape_string ($ str );
}
} Else {
Return $ str;
}
}

Original function:

The code is as follows:

Public function escapeString ($ str ){
// Modify the double escape of double quotation marks for a week.
If ($ this-> _ linkID ){
Return mysql_real_escape_string ($ str, $ this-> _ linkID );
} Else {
Return mysql_escape_string ($ str );
}
}

2. add the following to a public file:

The code is as follows:

// Prevents double escaping
If (get_magic_quotes_gpc ()){
Function stripslashes_deep ($ value ){
$ Value = is_array ($ value )?
Array_map ('stripslashes _ deep ', $ value ):
Stripslashes ($ value );
Return $ value;
}
$ _ POST = array_map ('stripslashes _ deep ', $ _ POST );
$ _ GET = array_map ('stripslashes _ deep ', $ _ GET );
$ _ COOKIE = array_map ('stripslashes _ deep ', $ _ COOKIE );
}

Note: If escape is enabled on the server, the double escape Bug will occur in the program after thinkphp is escaped again.

After modification, the background input of my website program is no problem. it seems that if Thinkphp is used in the future, note that if the server enables single or double quotation marks filtering, it may conflict with ThinkPHP. Therefore, you can solve this problem by adding a layer of judgment.

I hope this article will help you with ThinkPHP framework programming.