This article introduces the solution to the problem of automatically escaping characters when passing parameters in the form post method in PHP. Friends in need can learn from it. Problem description: Enter the mysql statement from the form, and then submit it to the PHP program. The PHP program will make the corresponding query and return the results. When using it, you will find that if there are special characters (such as '' "", etc.) entered in the form, PHP will automatically add them to the form. Add the escape character "" in front of it, but once it is added, you can no longer use this statement to make SQL queries. Solution: Enter in the form: select * from device_information where manager_team regexp 'huawei'
Copy after login
After printing it becomes: select * from device_information where manager_team regexp \'huawei\'
Copy after login
Check the php.ini file, the value of the magic_quotes_gpc option should be on. You can consider using the stripslashes function to solve this problem. The above is the solution to the problem of automatically adding escape characters when passing parameters in PHP form POST. For more related content, please pay attention to the PHP Chinese website (m.sbmmt.com)! |