How to escape string in php

Methods for escaping strings in php: 1. Using the "//m.sbmmt.com/m/faq/\" escape character, the first character immediately following "//m.sbmmt.com/m/faq/\" will become a meaningless or special meaning character; 2. Use addslashes() function, syntax "addslashes($str)".

The operating environment of this tutorial: windows7 system, PHP7.1 version, DELL G3 computer

In the process of PHP programming, we often encounter When encountering such a problem, inserting data into the database may cause some problems, such as errors or garbled characters. This is because the database interprets characters in the incoming data as control characters. To solve this problem, you need to use a mark or escape these special characters.

PHP provides technology specifically to deal with these problems. There are two methods of escaping and restoring strings. One is to manually escape and restore strings, and the other is to automatically escape and restore. string.

Method 1: Manually escape and restore strings

Strings can use single quotes ' ', double quotes " ", delimiters

\ is an escape character, and the first character immediately following \ will become a character with no meaning or special meaning. For example, ' is a special symbol that defines a string, but when written as \', it loses its function of defining a string and becomes an ordinary single quote. We can use echo "\'"; to output a single quote, and the escape character \ will not be displayed.

[Example] Use the escape word \ to escape the string.

<?php
header("Content-type:text/html;charset=utf-8");
echo &#39;Name：\&#39;php中文网\&#39;<br>Url：\&#39;//m.sbmmt.com//\&#39;&#39;;
?>

The running results are as follows:

#For simple strings, it is recommended to use manual methods to escape strings, and for characters with large amounts of data string, it is recommended to use the automatic escape function to escape the string.

2. Automatic escaping and restoration of strings

Automatic escaping and restoration of strings can be achieved using the addslashes() function and stripslashes() function provided by PHP.

addslashes() The function is to add \ to the string and escape the specified string. The syntax format is as follows:

addslashes($str)

addslashes() In the string returned by the function, in order For the needs of database query and other statements, backslashes will be added before certain characters. These characters are single quotation mark ', double quotation mark ", backslash \ and NULL.

The role of stripslashes() function It is to restore an escaped string, that is, to remove the backslash added to the string. The syntax format is as follows:

stripslashes($str)

stripslashes() function will return a character after removing the escaped backslash. String (\' is converted to ', double backslash\\ is converted to a single backslash\).

[Example] Use the addslashes() function to escape the string, and then use stripslashes() function to restore.

<?php
header("Content-type:text/html;charset=utf-8");
$sql = "select * from php where website=&#39;php中文网&#39;";
$str = addslashes($sql);
echo $str.&#39;<br>&#39;;
$str = stripslashes($str);
echo $str;
?>

The running results are as follows:

Recommended learning: "PHP Video Tutorial"

The above is the detailed content of How to escape string in php. For more information, please follow other related articles on the PHP Chinese website!