PHP escape.

Recommended for you: Get network issues from WhatsUp Gold. Not end users.

Data in PHP magic Quote function magic_quotes_gpc  or magic_quotes_runtime     

When set to on, for our reference data with single quotes' and double quotes and the backslash \ "automatically add backslashes, help us automatic translation to ensure the correct operation of the symbol, the difference between
the data operation.:

Scope: WEB client;
time: requests started, such as when the script is running.

Scope: read from file data or execute exec () results or is obtained from SQL in the query;
time: every time when the script to access data in the running state.

We can see that the
magic_quotes_gpc setting
magic_quotes_runtime will affect the data obtained by Get/Post/Cookies setting will affect the read from the data in a file or data obtained from a database query

Some function associated:

Set the value of magic_quotes_runtime. 0=.1= turn off. The default is off. Can echo phpinfo (see magic_quotes_runtime);
Get_magic_quotes_gpc ():
The magic_quotes_gpc value.0=.1= turn off
Get_magic_quotes_runtime ():
The magic_quotes_runtime value. 0=.1= turn off.
Note there is no set_magic_quotes_gpc () this function, is not set in the program inside the value magic_quotes_gpc.

Because the two setting, will give the programming caused some confusion or adds an escape, in view of this situation, need to be set and judgment at the beginning of the program, or the default configuration of the
the two values are closed. The escaped part is performed by the program.

To ensure that the data into the data of normal usually use the addslashes to handle the data read, use stripslashes to fall with a backslash

Similar character conversion function in PHP
addslashes                                                add the backslash predefined character before the specified
stripslashes                                              deletion by addslashes () function to add the backslash
htmlspecialchars                              to some predefined characters are converted to HTML entity
htmlspecialchars_decode  converting some predefined HTML entity for the character
html_entity_decode ( );             the HTML entity into the character
htmlentities ( );                                       the characters to HTML entities

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download

Posted by Lee at October 23, 2013 - 6:58 PM