Character escape problems such as the string [td] ForGod \ 'ssake! [/Td] I escaped single quotes and saved them to the database. When the article is displayed, it is found that the article contains an escape slash. Without escaping, it is saved directly to the database. sometimes it is wrong to insert data into the database. What should I do? // Escape the conversion of some special characters functionformat_h
Such as string
[Td]
God \'sSake! [/Td]
I escaped single quotes and saved them to the database.
When the article is displayed, it is found that the article contains an escape slash.
Without escaping, it is saved directly to the database. sometimes it is wrong to insert data into the database. What should I do?
// Convert some special characters
Function format_html ($ str ){
$ Str = str_replace (',', $ str );
$ Str = str_replace ('"', '"', $ str );
$ Str = str_replace ('·', '·', $ str );
$ Str = str_replace (''', ''', $ str );
$ Str = str_replace (''', ''', $ str );
$ Str = str_replace ('... ','... ', $ Str );
$ Str = str_replace ('-;', '-', $ str );
Return $ str;
}
In addition, does php have built-in functions that can achieve the same effect as my above functions? Because the above conversion is not complete.
------ Solution --------------------
PHP code
$ Str = "For God's sake! "; // When receiving data... insert into tb... col = '". addslashes ($ str ). "'... // echo htmlspecialchars ($ str );
------ Solution --------------------
Mysql_real_escape_string
------ Solution --------------------
Discussion
Mysql_real_escape_string
