_php tutorial on how to use PHP MAGIC_QUOTES_GPC

PHP MAGIC_QUOTES_GPC is mainly in the Web customer service, its role time is from the request to start, next we will be specific for you to explain how it is used.
AD:
What we are going to introduce to you today is the specific use of PHP MAGIC_QUOTES_GPC. We all know that in PHP a special function magic function, which in the process of reference only when the transfer of $_get,$_post,$_cookie in the role will occur.
The correct use method of PHP function preg_split
• Understand the specific use of PHP function explode ()
php function implode () differs from the explode () function
How PHP class cms gets keywords automatically
• Explore how the PHP function split () uses regular expressions to cut

1.
Condition: PHP Magic_quotes_gpc=off
The string written to the database has not been processed by any filtering. The string read from the database has not been processed.
Data: $data = "Snow", "Sun"; (There are four consecutive single quotes between snow and sun).
Action: Writes the string: "Snow", "Sun" to the database,
Result: A SQL statement error occurred and MySQL failed to complete the SQL statement and write to the database successfully.
Database save format: no data.
Output data format: no data.
Description: An unhandled single quotation mark causes an error in the SQL statement when it is written to the database.

2.
Condition: PHP Magic_quotes_gpc=off
The string written to the database is processed by the function addlashes (). The string read from the database has not been processed.
Data: $data = "Snow", "Sun"; (There are four consecutive single quotes between snow and sun).
Action: Writes the string: "Snow", "Sun" to the database,
Result: SQL statement executes successfully and data is written to database
Database save format: Snow "Sun" (same as input)
Output data format: Snow "Sun" (same as input)
Description: The Addslashes () function converts the single quotation mark to \ ' escape character to make the SQL statement execute successfully.
But \ ' is not stored as data in the database, the database is saved by snow "' sun instead of what we imagined snow\ ' \ ' \ ' Sun

3.
Condition: PHP Magic_quotes_gpc=on
The string written to the database has not been processed. The string read from the database has not been processed.
Data: $data = "Snow", "Sun"; (There are four consecutive single quotes between snow and sun).
Action: Writes the string: "Snow", "Sun" to the database,
Result: SQL statement executes successfully and data is written to database
Database save format: Snow "Sun" (same as input)
Output data format: Snow "Sun" (same as input)
Description: PHP Magic_quotes_gpc=on an escape character that converts the single quotation mark to \ ' to make the SQL statement execute successfully.
But \ ' not as data into the database, the database is saved by snow "' sun instead of our imagined snow\ ' \ ' \ '" Sun.

4.
Condition: PHP Magic_quotes_gpc=on
The string written to the database is processed by the function addlashes (). The string read from the database has not been processed.
Data: $data = "Snow", "Sun"; (There are four consecutive single quotes between snow and sun).
Action: Writes the string: "Snow", "Sun" to the database,
Result: SQL statement executes successfully and data is written to database
Database save format: snow\ ' \ ' \ ' \ ' Sun (added escape character)
Output data format: snow\ ' \ ' \ ' \ ' Sun (added escape character)
Description: PHP Magic_quotes_gpc=on an escape character that converts the single quotation mark to \ ' to make the SQL statement execute successfully.
Addslashes also converts the single quotation marks that will be written to the database to \ ', which is written as data
Database, the database is saved snow\ ' \ ' \ ' \ ' Sun

Summarized as follows:
1. In the case of PHP magic_quotes_gpc=on,
We can not make the string data of the input and output database
Addslashes () and Stripslashes (), the data will also be displayed normally.
If you do a addslashes () processing of the input data at this time,
Then you must use Stripslashes () to remove the extra backslash when outputting.

2. In the case of PHP Magic_quotes_gpc=off
The input data must be processed using addslashes (), but does not require the use of stripslashes () to format the output
Because Addslashes () did not write the backslash to the database, it only helped MySQL complete the execution of the SQL statement.

Add:
PHP MAGIC_QUOTES_GPC Scope is: Web client server; Action time: When the request starts, such as when the script is running.
Magic_quotes_runtime: Data read from a file or executed by exec () or from a SQL query; time: Every time the script accesses the data generated in the running state

http://www.bkjia.com/PHPjc/327805.html www.bkjia.com true http://www.bkjia.com/PHPjc/327805.html techarticle PHP MAGIC_QUOTES_GPC is mainly in the Web customer service, its role time is from the request to start, next we will be specific for you to explain how it is used. AD: Today we ...

