Introduction to the use of PHP daddslashes
- 2020-05-26 08:00:22
- OfStack
Example code:
PHP provides two convenient we reference data of magic reference function magic_quotes_gpc and magic_quotes_runtime, these two functions if the php ini set to ON, will be for our reference data against a single and double quotes "and automatically add backslash," \ \ help us automatically translate symbol, to ensure the proper operation of the data operation, but we in php different versions or different server configuration, Some magic_quotes_gpc and magic_quotes_runtime are set to on and some are off, so the program we write must conform to both on and off. So what's the difference between magic_quotes_gpc and magic_quotes_runtime? Look at the following instructions:
The magic_quotes_gpc and magic_quotes_runtime functions are different
magic_quotes_gpc
Scope of effect: web customers
The service side;
Effect time: the request starts when, for example, the script is running.
magic_quotes_runtime
Scope: data read from a file or obtained from an SQL query;
Duration: each time the script accesses the data generated in the running state.
Therefore, the set value of magic_quotes_gpc will affect the data obtained through Get/Post/Cookies. The set value of magic_quotes_runtime will affect the data read from the file or obtained from the database query
Examples:
The key difference is the two points mentioned above: they are dealing with different objects
The set value of magic_quotes_gpc will affect the data obtained through Get/Post/Cookies
The set value of magic_quotes_runtime will affect data read from a file or retrieved from a database query
Here are a few functions to associate:
set_magic_quotes_runtime():
Set magic_quotes_runtime value. 0= off.1= on. The default is off.
get_magic_quotes_gpc():
View magic_quotes_gpc value.0= close.1= open
get_magic_quotes_runtime():
View the magic_quotes_runtime value. 0 is off.1 is on.
Note that there is no set_magic_quotes_gpc(), so you cannot set magic_quotes_gpc.
@set_magic_quotes_runtime(0);
$MQG = get_magic_quotes_gpc();
if(!$MQG && $_POST) $_POST = daddslashes($_POST);
if(!$MQG && $_GET) $_GET = daddslashes($_GET);
// Translate the character function
function daddslashes($string) {
if(!is_array($string)) return addslashes($string);
foreach($string as $key => $val) $string[$key] = daddslashes($val);
return $string;
}
PHP provides two convenient we reference data of magic reference function magic_quotes_gpc and magic_quotes_runtime, these two functions if the php ini set to ON, will be for our reference data against a single and double quotes "and automatically add backslash," \ \ help us automatically translate symbol, to ensure the proper operation of the data operation, but we in php different versions or different server configuration, Some magic_quotes_gpc and magic_quotes_runtime are set to on and some are off, so the program we write must conform to both on and off. So what's the difference between magic_quotes_gpc and magic_quotes_runtime? Look at the following instructions:
The magic_quotes_gpc and magic_quotes_runtime functions are different
magic_quotes_gpc
Scope of effect: web customers
The service side;
Effect time: the request starts when, for example, the script is running.
magic_quotes_runtime
Scope: data read from a file or obtained from an SQL query;
Duration: each time the script accesses the data generated in the running state.
Therefore, the set value of magic_quotes_gpc will affect the data obtained through Get/Post/Cookies. The set value of magic_quotes_runtime will affect the data read from the file or obtained from the database query
Examples:
$data1 = $_POST['aaa'];
$data2 = implode(file('1.txt'));
if(get_magic_quotes_gpc()){
// The data $data1 Write directly to the database ( Automatic translation )
}else{
$data1 = addslashes($data1);
// The data $data1 Write to the database using the function (addslashes() translation )
}
if(get_magic_quotes_runtime()){
// The data $data2 Write directly to the database ( Automatic translation )
// The data read from the database goes through 1 time stripslashes() After the output stripslashes() The function is to get rid of it :\ , and addslashes() opposite
}else{
$data2 = addslashes($data2);
// The data $data2 Write to database
// The data read from the database is output directly
}
The key difference is the two points mentioned above: they are dealing with different objects
The set value of magic_quotes_gpc will affect the data obtained through Get/Post/Cookies
The set value of magic_quotes_runtime will affect data read from a file or retrieved from a database query
Here are a few functions to associate:
set_magic_quotes_runtime():
Set magic_quotes_runtime value. 0= off.1= on. The default is off.
get_magic_quotes_gpc():
View magic_quotes_gpc value.0= close.1= open
get_magic_quotes_runtime():
View the magic_quotes_runtime value. 0 is off.1 is on.
Note that there is no set_magic_quotes_gpc(), so you cannot set magic_quotes_gpc.