Practical application of MySQL escape characters

Today we mainly describe php and MySQL escape characters. We all know that the actual proportions of php and MySQL escape characters are still the majority. If you use this technology, if you are curious, the following articles will unveil its mysteries.

For details about escape characters in php and MySQL, there is a magic quotes in the setting file, which is opened by default. We recommend that you disable it. At first, the default settings are used to make development easier, and the actual situation is the same.

When the program learns a certain degree, it gradually tends to close this option.

The advantage of doing so is to make the program more logical and easy to control. After the preceding option is enabled, php will escape single quotes, double quotation marks, backslash (/), and null strings, and replace them with: \ '\ "\ 0, this improves security and prevents injection attacks. However, this can be easily done through a program.

When MySQL writes data to the database, it must process the strings and escape the above four types of characters. In this way, if magic quotes is set to on, no escape is required. on the surface, it seems easy, in fact, it is easy to confuse and cause logical confusion. Therefore, we recommend that you set magic quotes to off. For MySQL escape characters, write a simple escape function. This makes it easier to control php and control MySQL.

 

The above content is an introduction to the study of MySQL escape characters. I hope you will get something better.