The addslashes() function adds a backslash before certain predefined characters. In other words, it escapes those characters so that they lose their special meaning.

The predefined characters are:

single quote (')
double quote (")
backslash (\)
NULL

Tips and notes

Tip: This function can be used to prepare strings for storage in a database and for use in database query statements.

Note: By default, the PHP directive magic_quotes_gpc is on, and addslashes() is run automatically on all GET, POST and COOKIE data. Do not use addslashes() on strings that have already been escaped by magic_quotes_gpc, because this results in double escaping. When this situation can arise, use the function get_magic_quotes_gpc() to check for it.

Example

In this example, we add backslashes to the predefined characters in a string:

<?php
$str = "Who's John Adams?";

// The raw string, with the single quote left unescaped
echo $str . " This is not safe in a database query.<br />";

// The same string with a backslash added before the single quote
echo addslashes($str) . " This is safe in a database query.";
?>

Output:

Who's John Adams? This is not safe in a database query.
Who\'s John Adams? This is safe in a database query.

PHP official documentation
========

http://www.php.net/manual/en/function.addslashes.php

addslashes

(PHP 4, PHP 5)

addslashes — Quote string with slashes

string addslashes ( string $str )

Returns a string with backslashes before characters that need to be quoted in database queries etc. These characters are single quote ('), double quote ("), backslash (\) and NUL (the NULL byte).

An example use of addslashes() is when you're entering data into a database. For example, to insert the name O'reilly into a database, you will need to escape it. It's highly recommended to use DBMS specific escape function (e.g. mysqli_real_escape_string() for MySQL or pg_escape_string() for PostgreSQL), but if the DBMS you're using doesn't have an escape function and the DBMS uses \ to escape special chars, you can use this function. This would only be to get the data into the database, the extra \ will not be inserted. Having the PHP directive magic_quotes_sybase set to on will mean ' is instead escaped with another '.

The PHP directive magic_quotes_gpc is on by default, and it essentially runs addslashes() on all GET, POST, and COOKIE data. Do not use addslashes() on strings that have already been escaped with magic_quotes_gpc as you'll then do double escaping. The function get_magic_quotes_gpc() may come in handy for checking this.
Example

<?php
$str = "Is your name O'reilly?";

// Outputs: Is your name O\'reilly?
echo addslashes($str);
?>
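The double-escaping problem described in the notes above, as an added example that is not from the PHP manual or the original article: magic_quotes_active() and escape_once() are hypothetical helper names and the input string is constructed. Because magic_quotes_gpc was removed in PHP 5.4 and get_magic_quotes_gpc() in PHP 8.0, the automatic escaping layer is simulated with addslashes() and the real check is guarded with function_exists().

```php
<?php
// Added example; helper names and sample input are constructed for illustration.

// True only when the running PHP still applies magic_quotes_gpc.
// get_magic_quotes_gpc() does not exist in PHP 8, hence the guard; the @
// silences the deprecation notice that PHP 7.4 raises for the call.
function magic_quotes_active()
{
    return function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc();
}

// Escape a GET/POST/COOKIE value exactly once, whatever the server setting.
function escape_once($value, $alreadyEscaped)
{
    if ($alreadyEscaped) {
        $value = stripslashes($value);   // undo the automatic layer first
    }
    return addslashes($value);
}

$typed   = "Is your name O'reilly?";     // what the user typed
$fromGpc = addslashes($typed);           // simulated: the value as magic_quotes_gpc delivers it

$double = addslashes($fromGpc);          // the mistake: a second escaping layer
$once   = escape_once($fromGpc, true);   // the guarded path: one layer only

echo "double-escaped: ", $double, "\n";
echo "escaped once:   ", $once, "\n";

// A DBMS that uses \ as its escape character removes one layer on insert;
// stripslashes() stands in for that step here.
$storedDouble = stripslashes($double);
$storedOnce   = stripslashes($once);

echo "stored after double escaping: ", $storedDouble, "\n";
echo "stored after single escaping: ", $storedOnce, "\n";

// Only the single-escaped value round-trips to the text the user typed;
// the double-escaped one is stored with a stray backslash.
var_dump($storedOnce === $typed);
var_dump($storedDouble === $typed);

// In a request handler the flag comes from the runtime check:
// $name = escape_once($_POST['name'], magic_quotes_active());
```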