Analysis of the security principle behind escaping with the addslashes function in PHP
This article describes the security principle behind escaping with PHP's addslashes function and is shared for reference. The analysis is as follows:
First, look at the prototype of addslashes_deep in ECShop.
The code is as follows:
function addslashes_deep($value)
{
    if (empty($value)) {
        return $value; // null or empty: return directly
    } else {
        // Recurse into arrays until every element has been visited; escape scalars
        return is_array($value) ? array_map('addslashes_deep', $value) : addslashes($value);
    }
}
The addslashes_deep function itself is fine, but care is needed when using it.
An injection vulnerability caused by misuse of this function was also reported online today.
Because this function applies the callback addslashes only to the values, the array keys are left unescaped. If the code then uses the array keys in further processing, there is a risk of injection through $key. In that case, either change addslashes_deep so that it escapes the keys as well as the values, or make sure that the key contents are never used.
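As an added example (not ECShop's code), the value-only recursion described above is shown beside a variant, given the hypothetical name addslashes_deep_with_keys, that escapes string keys as well as values. The input array is constructed to stand in for request data in which the client controls both keys and values; the check helper is ours.

```php
<?php
// Added example, not ECShop's code: value-only recursion beside a variant
// (hypothetical name addslashes_deep_with_keys) that also escapes string keys.

// Equivalent to the ECShop prototype: only values are escaped, keys pass through.
function addslashes_values_only($value)
{
    if (empty($value)) {
        return $value;
    }
    return is_array($value)
        ? array_map('addslashes_values_only', $value)
        : addslashes($value);
}

// Hardened variant: recursively escapes string keys as well as values.
function addslashes_deep_with_keys($value)
{
    if (empty($value)) {
        return $value;
    }
    if (!is_array($value)) {
        return addslashes($value);
    }
    $escaped = array();
    foreach ($value as $key => $item) {
        // PHP stores integer-like keys as int; only string keys can carry quotes.
        $safeKey = is_string($key) ? addslashes($key) : $key;
        $escaped[$safeKey] = addslashes_deep_with_keys($item);
    }
    return $escaped;
}

function check($condition, $message)
{
    if (!$condition) {
        throw new RuntimeException("check failed: $message");
    }
}

// Constructed input standing in for $_POST: the client controls keys and values.
$input = array(
    "name"    => "O'Reilly",
    "bad'key" => array("nested" => 'say "hi"'),
);

$valuesOnly = addslashes_values_only($input);
$withKeys   = addslashes_deep_with_keys($input);

// Values are escaped by both versions.
check($valuesOnly['name'] === "O\\'Reilly", 'value escaped (values only)');
check($withKeys['name'] === "O\\'Reilly", 'value escaped (with keys)');

// The value-only version leaves the quote inside the key untouched ...
check(isset($valuesOnly["bad'key"]), 'key untouched by value-only recursion');
// ... while the hardened version escapes it, including inside nested arrays.
check(isset($withKeys["bad\\'key"]), 'key escaped by hardened recursion');
check($withKeys["bad\\'key"]['nested'] === 'say \\"hi\\"', 'nested value escaped');

echo "escaped keys: ", implode(', ', array_keys($withKeys)), "\n";
```

Escaping keys only matters where the keys are interpolated into a query or other interpreted string; the simplest mitigation remains never to use client-supplied keys that way. Note also that addslashes is not character-set aware, so for SQL the driver's own escaping function or, better, prepared statements with bound parameters should be preferred over either variant.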
I hope this article will help you with PHP programming.
Using the addslashes() function in PHP
addslashes -- quote a string with slashes
string addslashes(string $str)
Returns a string with backslashes added before the characters that need to be escaped in database query statements. These characters are the single quote ('), double quote ("), backslash (\) and NUL (the NULL byte).
A typical use of addslashes() is when data is about to be entered into a database. For example, inserting the name O'Reilly into a database requires escaping. Most databases use \ as the escape character: O\'Reilly. This allows the data to be put into the database without the database inserting an extra \. When the PHP directive magic_quotes_sybase is set to on, ' is escaped with another ' instead of a backslash.
By default, the PHP directive magic_quotes_gpc is on, which automatically runs addslashes() on all GET, POST and COOKIE data. Do not use addslashes() on strings that have already been escaped by magic_quotes_gpc, because this causes double escaping. Use the get_magic_quotes_gpc() function to detect whether this has happened.
After escaping with addslashes, the string cannot be restored normally. How can this be solved?
Check whether the string was escaped with addcslashes rather than addslashes; a string escaped with addcslashes is restored with the stripcslashes function.
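The following added example (not from the article) shows the two points above in code: escaping input exactly once whether or not magic_quotes_gpc is active, and reversing each escaping with its matching strip function (stripslashes for addslashes, stripcslashes for addcslashes). The helper names magic_quotes_active, escape_once and check are ours, and the sample strings are constructed. It assumes, as a caveat to the text above, that magic_quotes_gpc was removed in PHP 5.4 and get_magic_quotes_gpc() in PHP 8.0, so the detection must not rely on the function existing.

```php
<?php
// Added example, not from the article: escape exactly once and reverse with the
// matching strip function. Helper names are ours.

// magic_quotes_gpc was removed in PHP 5.4 and get_magic_quotes_gpc() in PHP 8.0
// (deprecated in 7.4), so the detection must not assume the function exists.
function magic_quotes_active()
{
    return function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
}

// Apply addslashes() only when the runtime has not already done so.
function escape_once($str)
{
    return magic_quotes_active() ? $str : addslashes($str);
}

function check($condition, $message)
{
    if (!$condition) {
        throw new RuntimeException("check failed: $message");
    }
}

// Constructed sample containing every character addslashes() touches.
$raw = "O'Reilly said \"hi\" C:\\path";

$once = escape_once($raw);
check($once === "O\\'Reilly said \\\"hi\\\" C:\\\\path", 'escaped once');

// Double escaping: running addslashes() again escapes the backslashes it added,
// and a single stripslashes() then only gets back to the once-escaped form.
$twice = addslashes($once);
check(stripslashes($twice) === $once, 'one strip undoes only one escape');
check(stripslashes($once) === $raw, 'stripslashes reverses addslashes');

// addcslashes() uses C-style escapes, so its output must be reversed with
// stripcslashes(); stripslashes() would turn the two characters "\n" into "n".
$withNewline = "line1\nline2";
$cEscaped    = addcslashes($withNewline, "\n");
check($cEscaped === 'line1\nline2', 'newline became the characters \\ and n');
check(stripcslashes($cEscaped) === $withNewline, 'stripcslashes restores the newline');
check(stripslashes($cEscaped) === 'line1nline2', 'stripslashes is the wrong inverse here');

echo "escaped once: $once\n";
```

When a string "cannot be restored", the usual causes are the two shown here: it was escaped twice (so it needs two stripslashes passes, and the real fix is to stop escaping twice), or it was escaped with addcslashes and is being reversed with stripslashes.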