What are the differences between php daddslashes of and saddslashes of
- 2020-05-26 08:00:12
- OfStack
//GPC filter, automatically escapes special characters in $_GET, $_POST, $_COOKIE to prevent SQL injection attacks
$_GET = saddslashes($_GET);
$_POST = saddslashes($_POST);
The following is daddslashes() and saddslashes() An example of eg: saddslashes function daddslashes($string, $force = 0, $strip = FALSE) {
// String or array Whether or not mandatory Whether to remove
// If the magic reference is not enabled or $force Don't for 0
if(!MAGIC_QUOTES_GPC || $force) {
if(is_array($string)) { // If it is 1 An array executes the function in a loop
foreach($string as $key => $val) {
$string[$key] = daddslashes($val, $force);
}
} else {
// If the magic reference is turned on or $force for 0
// The following is 1 a 3 Meta operator if $strip for true execute stripslashes Remove the backslash character and execute again addslashes
//$strip for true , which is to remove the backslash character and then escape $_GET,$_POST,$_COOKIE and $_REQUEST $_REQUEST The array contains the first 3 The value of an array
// Why would you put $here string I'm going to get rid of the backslash and then I'm going to escape, because sometimes $string There could be two backslashes, stripslashes Is to filter out the excess backslash
$string = addslashes($strip ? stripslashes($string) : $string);
}
}
return $string;
}eg: saddslashes function saddslashes($string) { if(!MAGIC_QUOTES_GPC){
if(is_array($string)) { // If you're escaping an array, you're escaping an array value Perform a recursive escape
foreach($string as $key => $val) {
$string[$key] = saddslashes($val);
}
} else {
$string = addslashes($string); // Pair of single quotes ( ' ), double quotation marks ( " ), backslash ( \ ) and NUL ( NULL Character) to escape
}
return $string;
}else{
return $string;
}
The main ones are:
saddslashes can escape every data
function saddslashes($string) {
if(is_array($string)) {
foreach($string as $key => $val) {
$string[$key] = saddslashes($val);
}
} else {
$string = addslashes($string);
}
return $string;
}