Reprint: http://www.jb51.net/article/39092.htm
What to watch for when data is stored in the database and later read back out to be displayed on a page
When storing into the database
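// Escape the value, then splice it into the INSERT statement (the article's approach).
// NOTE(review): addslashes() is not aware of the connection character set and every
// call site has to remember it; a prepared statement with a bound parameter is the
// safer way to pass $str, and it makes the later stripslashes() step unnecessary.
$str = addslashes($str);
$sql = "INSERT INTO `tab` (`Content`) VALUES ('$str')";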
When reading out of the database
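// Remove backslashes that are still present in the stored value.
// NOTE(review): this is only correct if the value was escaped twice before the INSERT
// (for example by an automatic input-quoting setting plus addslashes()). A value that
// was escaped once is stored without the extra backslashes, and stripslashes() would
// then delete backslashes that belong to the data. Confirm which case applies.
$str = stripslashes($str);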
When displaying on the page
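// Escape first, then turn newlines into <br>. In the other order htmlspecialchars()
// would also escape the <br /> tags that nl2br() has just inserted, so they would be
// shown as text instead of breaking the line.
$str = nl2br(htmlspecialchars($str));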
<?
//-- Prepare title, name and similar fields for storage in the database (trims leading and trailing spaces)
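/**
 * Prepare a short field (title, name, ...) for storage: trim it, double every
 * single quote, then strip backslashes.
 *
 * NOTE(review): the listing on the page is damaged (fused keywords, mixed-case
 * variable names, search and replacement printed as the same character). The
 * quote doubling (' becomes '') is assumed from what trans_cookie() appears to
 * reverse; confirm against the original article.
 *
 * Security: hand-rolled quote doubling is easy to get wrong and depends on the
 * database's quoting rules. Pass values as bound parameters of a prepared
 * statement where possible instead of relying on this function.
 *
 * @param string $str Raw field value.
 * @return string Trimmed value with single quotes doubled and backslashes removed.
 */
function trans_string_trim($str)
{
    $str = trim($str);
    // eregi_replace() was removed in PHP 7; a literal replacement needs no regex.
    $str = str_replace("'", "''", $str);

    return stripslashes($str);
}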
//-- Prepare article text (the textarea field) for storage in the database
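/**
 * Prepare article text (a textarea field) for storage: double every single
 * quote, then strip backslashes. Unlike trans_string_trim() it keeps leading
 * and trailing whitespace.
 *
 * NOTE(review): the listing on the page is damaged; the quote doubling
 * (' becomes '') is assumed, confirm against the original article.
 *
 * Security: this is manual SQL escaping. Bound parameters of a prepared
 * statement are the safer way to pass the text to the database.
 *
 * @param string $str Raw article text.
 * @return string Text with single quotes doubled and backslashes removed.
 */
function trans_string($str)
{
    // eregi_replace() was removed in PHP 7; a literal replacement needs no regex.
    $str = str_replace("'", "''", $str);

    return stripslashes($str);
}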
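//-- Showing stored data in a form: use trans() for text inputs; in a textarea, display it directly without conversion
// NOTE(review): textarea content still needs htmlspecialchars(), otherwise stored markup can close the element.
//-- Display in a web page, filtering HTML code, including link addresses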
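/**
 * Escape a stored string for display in a web page: HTML-escape it, turn
 * newlines into <br> and spaces into non-breaking spaces.
 *
 * NOTE(review): the listing on the page lost the chr() arguments and shows an
 * empty replacement in the second step. Newline to <br> matches the nl2br()
 * call earlier on the page; space to &nbsp; is assumed (an HTML entity that
 * the page rendering would have swallowed). Confirm against the original.
 *
 * The flags are spelled out so that single quotes are escaped as well, which
 * matters when the result is placed inside a single-quoted attribute. The
 * character set is left to PHP's default_charset setting.
 *
 * @param string $string Text read from the database.
 * @return string HTML-safe text.
 */
function trans($string)
{
    $string = htmlspecialchars($string, ENT_QUOTES | ENT_SUBSTITUTE);

    // ereg_replace() was removed in PHP 7; both replacements are literal.
    return str_replace(["\n", ' '], ['<br>', '&nbsp;'], $string);
}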
//-- Display in a web page without filtering HTML code
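/**
 * Format a string for display in a web page WITHOUT escaping HTML: newlines
 * become <br> and spaces become non-breaking spaces.
 *
 * Security: the markup in $string reaches the browser unchanged. Use this only
 * for content that is trusted or has already been sanitised; for anything a
 * visitor can influence, use trans() instead.
 *
 * NOTE(review): the listing on the page lost the chr() arguments and shows an
 * empty replacement in the second step; newline to <br> and space to &nbsp;
 * are assumed. If that reading is right, spaces inside tags are replaced too,
 * which alters attributes. Confirm against the original article.
 *
 * @param string $string Trusted HTML read from the database.
 * @return string The same markup with line breaks and spaces converted.
 */
function trans_web($string)
{
    // ereg_replace() was removed in PHP 7; both replacements are literal.
    return str_replace(["\n", ' '], ['<br>', '&nbsp;'], $string);
}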
//-- Display in a web page, filtering HTML code and trimming leading and trailing spaces; mainly used to display user nicknames
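/**
 * Escape a short value (such as a user nickname) for display in a web page:
 * trim it, HTML-escape it, then turn newlines into <br> and spaces into
 * non-breaking spaces.
 *
 * NOTE(review): the listing on the page lost the chr() arguments and shows an
 * empty replacement in the second step; newline to <br> and space to &nbsp;
 * are assumed. Confirm against the original article.
 *
 * The flags are spelled out so that single quotes are escaped as well; the
 * character set is left to PHP's default_charset setting.
 *
 * @param string $string Value read from the database.
 * @return string Trimmed, HTML-safe text.
 */
function trans_trim($string)
{
    $string = htmlspecialchars(trim($string), ENT_QUOTES | ENT_SUBSTITUTE);

    // ereg_replace() was removed in PHP 7; both replacements are literal.
    return str_replace(["\n", ' '], ['<br>', '&nbsp;'], $string);
}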
//-- Display inside a span
// Formats a string for display inside a span: three replacements are applied to
// $string in order and the result is returned. No htmlspecialchars() call is made
// here, unlike trans() and trans_trim().
// NOTE(review): this listing is damaged and does not parse as printed (the keyword
// and name are fused, and each chr() call has lost its argument). ereg_replace() was
// also removed in PHP 7. Restore it from the original article before use.
Functiontrans_span ($string) {
// Replaces one character (argument lost) with what is printed as "\ n".
$string =ereg_replace (CHR), "\ n", $string);
// Replaces one character (argument lost); the replacement is printed as empty,
// possibly an HTML entity that the page rendering swallowed. TODO confirm.
$string =ereg_replace (CHR), "", $string);
// Replaces double quotes; the replacement is garbled, presumably the quote entity.
// TODO confirm.
$string =ereg_replace (' "'," "" ", $string);
return$string;
}
//-- Display a cookie value in a web page, filtering HTML
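/**
 * Prepare a cookie value for display in a web page: strip backslashes, collapse
 * doubled single quotes, then HTML-escape the result with trans().
 *
 * Cookie values are supplied by the client, so they are untrusted input. The
 * listing escaped first and un-escaped afterwards; here the storage escaping is
 * undone first so that HTML escaping is the last transformation applied before
 * output.
 *
 * NOTE(review): the search and replacement strings of the quote step are
 * garbled on the page; collapsing '' to ' is assumed. Confirm against the
 * original article.
 *
 * @param string $str Raw cookie value.
 * @return string HTML-safe text.
 */
function trans_cookie($str)
{
    $str = stripslashes($str);
    // eregi_replace() was removed in PHP 7; a literal replacement needs no regex.
    $str = str_replace("''", "'", $str);

    return trans($str);
}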
?>
PHP: processing data going into and coming out of the database