Sophie

Sophie

distrib > Mageia > 7 > armv7hl > by-pkgid > 2b917e0437961edec048f1d15e2d7449 > files > 2514

php-manual-en-7.2.11-1.mga7.noarch.rpm

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
 <head>
  <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  <title>Quote string with slashes</title>

 </head>
 <body><div class="manualnavbar" style="text-align: center;">
 <div class="prev" style="text-align: left; float: left;"><a href="function.addcslashes.html">addcslashes</a></div>
 <div class="next" style="text-align: right; float: right;"><a href="function.bin2hex.html">bin2hex</a></div>
 <div class="up"><a href="ref.strings.html">String Functions</a></div>
 <div class="home"><a href="index.html">PHP Manual</a></div>
</div><hr /><div id="function.addslashes" class="refentry">
 <div class="refnamediv">
  <h1 class="refname">addslashes</h1>
  <p class="verinfo">(PHP 4, PHP 5, PHP 7)</p><p class="refpurpose"><span class="refname">addslashes</span> &mdash; <span class="dc-title">Quote string with slashes</span></p>

 </div>
 
 <div class="refsect1 description" id="refsect1-function.addslashes-description">
  <h3 class="title">Description</h3>
  <div class="methodsynopsis dc-description">
   <span class="type">string</span> <span class="methodname"><strong>addslashes</strong></span>
    ( <span class="methodparam"><span class="type">string</span> <code class="parameter">$str</code></span>
   )</div>

  <p class="para rdfs-comment">
   Returns a string with backslashes added before characters that need to be
   escaped. These characters are:
   <ul class="simplelist">
    <li class="member">single quote (<em>&#039;</em>)</li>
    <li class="member">double quote (<em>&quot;</em>)</li>
    <li class="member">backslash (<em>\</em>)</li>
    <li class="member">NUL (the NUL byte)</li>
   </ul>
  </p>
  <p class="para">
   A use case of <span class="function"><strong>addslashes()</strong></span> is escaping the aforementioned
   characters in a string that is to be evaluated by PHP:
   <div class="informalexample">
    <div class="example-contents">
<div class="phpcode"><code><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br />$str&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #DD0000">"O'Reilly?"</span><span style="color: #007700">;<br />eval(</span><span style="color: #DD0000">"echo&nbsp;'"&nbsp;</span><span style="color: #007700">.&nbsp;</span><span style="color: #0000BB">addslashes</span><span style="color: #007700">(</span><span style="color: #0000BB">$str</span><span style="color: #007700">)&nbsp;.&nbsp;</span><span style="color: #DD0000">"';"</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</code></div>
    </div>

   </div>
  </p>
  <p class="para">
   Prior to PHP 5.4.0, the PHP directive <a href="info.configuration.html#ini.magic-quotes-gpc" class="link">magic_quotes_gpc</a>
   was <em>on</em> by default and it essentially ran <span class="function"><strong>addslashes()</strong></span>
   on all GET, POST and COOKIE data.
   <span class="function"><strong>addslashes()</strong></span> must not be used on strings that have already
   been escaped with <a href="info.configuration.html#ini.magic-quotes-gpc" class="link">magic_quotes_gpc</a>,
   as the strings will be double escaped. <span class="function"><a href="function.get-magic-quotes-gpc.html" class="function">get_magic_quotes_gpc()</a></span> can be used to check
   if <a href="info.configuration.html#ini.magic-quotes-gpc" class="link">magic_quotes_gpc</a> is <em>on</em>.
  </p>
  <p class="para">
   The <span class="function"><strong>addslashes()</strong></span> is sometimes incorrectly used to try to prevent
   <a href="security.database.sql-injection.html" class="link">SQL Injection</a>. Instead,
   database-specific escaping functions and/or prepared statements should be used.
  </p>
 </div>


 <div class="refsect1 parameters" id="refsect1-function.addslashes-parameters">
  <h3 class="title">Parameters</h3>
  <p class="para">
   <dl>

    
     <dt>
<code class="parameter">str</code></dt>

     <dd>

      <p class="para">
       The string to be escaped.
      </p>
     </dd>

    
   </dl>

  </p>
 </div>


 <div class="refsect1 returnvalues" id="refsect1-function.addslashes-returnvalues">
  <h3 class="title">Return Values</h3>
  <p class="para">
   Returns the escaped string.
  </p>
 </div>


 <div class="refsect1 examples" id="refsect1-function.addslashes-examples">
  <h3 class="title">Examples</h3>
  <p class="para">
   <div class="example" id="example-6019">
    <p><strong>Example #1 An <span class="function"><strong>addslashes()</strong></span> example</strong></p>
    <div class="example-contents">
<div class="phpcode"><code><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br />$str&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #DD0000">"Is&nbsp;your&nbsp;name&nbsp;O'Reilly?"</span><span style="color: #007700">;<br /><br /></span><span style="color: #FF8000">//&nbsp;Outputs:&nbsp;Is&nbsp;your&nbsp;name&nbsp;O\'Reilly?<br /></span><span style="color: #007700">echo&nbsp;</span><span style="color: #0000BB">addslashes</span><span style="color: #007700">(</span><span style="color: #0000BB">$str</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</code></div>
    </div>

   </div>
  </p>
 </div>


 <div class="refsect1 seealso" id="refsect1-function.addslashes-seealso">
  <h3 class="title">See Also</h3>
  <p class="para">
   <ul class="simplelist">
    <li class="member"><span class="function"><a href="function.stripcslashes.html" class="function" rel="rdfs-seeAlso">stripcslashes()</a> - Un-quote string quoted with addcslashes</span></li>
    <li class="member"><span class="function"><a href="function.stripslashes.html" class="function" rel="rdfs-seeAlso">stripslashes()</a> - Un-quotes a quoted string</span></li>
    <li class="member"><span class="function"><a href="function.addcslashes.html" class="function" rel="rdfs-seeAlso">addcslashes()</a> - Quote string with slashes in a C style</span></li>
    <li class="member"><span class="function"><a href="function.htmlspecialchars.html" class="function" rel="rdfs-seeAlso">htmlspecialchars()</a> - Convert special characters to HTML entities</span></li>
    <li class="member"><span class="function"><a href="function.quotemeta.html" class="function" rel="rdfs-seeAlso">quotemeta()</a> - Quote meta characters</span></li>
    <li class="member"><span class="function"><a href="function.get-magic-quotes-gpc.html" class="function" rel="rdfs-seeAlso">get_magic_quotes_gpc()</a> - Gets the current configuration setting of magic_quotes_gpc</span></li>
   </ul>
  </p>
 </div>


</div><hr /><div class="manualnavbar" style="text-align: center;">
 <div class="prev" style="text-align: left; float: left;"><a href="function.addcslashes.html">addcslashes</a></div>
 <div class="next" style="text-align: right; float: right;"><a href="function.bin2hex.html">bin2hex</a></div>
 <div class="up"><a href="ref.strings.html">String Functions</a></div>
 <div class="home"><a href="index.html">PHP Manual</a></div>
</div></body></html>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional