The addslashes function in php adds a diagonal line to the quotation marks in the strings to be processed by the database for the smooth operation of the database query. The modified characters include single quotation marks ('), double quotation marks (& quot;), backslash (\), and NUL (thenullbyte ). The addslashes function in php adds a diagonal line to the quotation marks in the strings to be processed by the database for the smooth operation of the database query. The modified characters include single quotation marks ('), double quotation marks ("), backslash (\), and null character NUL (the null byte ).
Syntax: string addslashes (string str );
1. the expression of addslashes in form submission.
The value of get_magic_quotes_gpc () must be 1. At this time A slash is automatically added to the submitted content.
For example, input 'to \', "to \", \ \\
Example:
PHP code:
Test
Echo get_magic_quotes_gpc ().
"A". $ _ POST ['message'].
"B". stripslashes ($ _ POST ['message']);
?>
Input: include ('/home/me/myfile ');
Output: 1 A include ('/home/me/myfile'); B include ('/home/me/myfile ');
Conclusion: If get_magic_quotes_gpc () is equal to 1, if you do not enter the database, you will get a diagonal line.
2. performance of addslashes when submitting the input database.
Example:
PHP code:
Test
Require_once ('Des/common. php ');
$ Db-> query ("insert into 'testtable' (id, content) VALUES ('1 ','". $ _ POST ['message']. "')");
$ Query = $ db-> query ("select * from 'testtable' where 'id' = 1 ;");
$ Result = $ db-> fetch_array ($ query );
Echo get_magic_quotes_gpc ().
"A". $ _ POST ['message'].
"B". $ Result ['content'];
?>
Input: include ('/home/me/myfile ');
Output: 1 A include ('/home/me/myfile'); B include ('/home/me/myfile ');
Conclusion: If get_magic_quotes_gpc () is equal to 1, you can obtain the input string without making any changes when the input database is directly read from the database.
3, get_magic_quotes_gpc ()
Get_magic_quotes_gpc () is set on the server and cannot be modified by runtime. that is to say, you must consider different situations in your webpage code in advance. otherwise, when you submit data, you do not know whether the server adds a diagonal line to you. The following two popular functions may be needed by everyone. I personally like the second one:
PHP code:
Function my_addslashes ($ message ){
If (get_magic_quotes_gpc () = 1 ){
Return $ message;
} Else {
If (is_array ($ message) = true ){
While (list ($ key, $ value) = each ($ message )){
$ Message [$ key] = my_addslashes ($ value );
}
Return $ message;
} Else {
Return addslashes ($ message );
}
}
}
PHP code:
Function my_addslashes ($ data ){
If (! Get_magic_quotes_gpc ()){
Return is_array ($ data )? Array_map ('addslashes ', $ data): AddSlashes ($ data );
} Else {
Return $ data;
}
}
The simple explanation is that if get_magic_quotes_gpc () is equal to 1 (the server is set to 1 by default), our strings can be directly stored in the database without modification. Otherwise, we will use the addslashes function.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
A Free Trial That Lets You Build Big!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
