PHP summarizes the handling methods for special characters in Form submission, mainly involving htmlspecialchars, addslashes, stripslashes, strip_tags, mysql_real_escape_string, and other functions for joint use.
I. Several PHP functions related to special character processing
Function Name |
Meaning |
Introduction |
Htmlspecialchars |
Convert the Ampersand, single double quotation marks, greater than or less than sign into HTML Format |
& Convert & "Convert" 'Convert' <Converted to < > Convert to> |
Htmlentities () |
Convert all characters to HTML Format |
In addition to the above htmlspecialchars characters, the two-byte characters are also displayed as encoding. |
|
|
|
Addslashes |
Double quotation marks, backslash, and NULL plus backslash escape |
The modified characters include single quotation marks ('), double quotation marks ("), backslash (\), and NULL. |
Stripslashes |
Remove backslash characters |
Removes the backslash from the string. If there are two backslash lines in a row, remove one and leave one. If there is only one backslash, remove it directly. |
|
|
|
Quotemeta |
Add a reference symbol |
Include. \ + * in the string *? [^] ($) And other characters are preceded by the Backslash "\" symbol. |
Nl2br () |
Convert line breaks
|
|
Strip_tags |
Remove HTML and PHP tags |
Remove any HTML and PHP tags in the string, including the contents between Mark blocking. Note: If the HTML and PHP tags of the string are incorrect, an error is returned. |
Mysql_real_escape_string |
Escape special characters in SQL strings |
Escape \ x00 \ n \ r space \ '"\ x1a, which is very effective for processing multi-byte characters. Mysql_real_escape_string determines the character set, and mysql_escape_string does not need to be considered. |