PHP's summary of filtering and processing methods for form submission special characters
- 2021-01-02 21:46:55
- OfStack
PHP makes a summary of the processing method of special characters for form submission, mainly involving the combined use of several functions such as htmlspecialchars/addslashes/stripslashes/strip_tags/mysql_real_escape_string, etc., to communicate with everyone.
1. Several PHP functions related to special character processing
The function name
paraphrase
introduce
htmlspecialchars
Put and, single and double quotation marks, greater than and less than in HTML format
&
into
&
"Into"
'to'
<
into
<
>
into
>
htmlentities()
All characters are converted to HTML format
In addition to the above htmlspecialchars characters, also includes double byte characters displayed as encoding, etc.
addslashes
Single and double quotes, backslash and NULL with backslash escape
The characters changed include single quotation marks ('), double quotation marks ("), backslash backslash (\), and null NULL.
stripslashes
Remove backslash characters
Remove backslash characters from the string. If two backslashes are in a row, remove one and leave one. If there is only one backslash, just get rid of it.
quotemeta
Add reference symbol
String containing. \\ + *? Characters such as [^] ($) are preceded by a backslash "\" symbol.
nl2br()
Converts a newline character to
strip_tags
Remove the HTML and PHP tags
Remove any HTML and PHP tags from the string, including anything between the tag blocks. Note that if there is an error in the string HTML and PHP tags, an error is also returned.
mysql_real_escape_string
Escape special characters in the SQL string
Escape \x00 \n \r Spaces \ '" \x1a, effective for multi-byte character handling. mysql_real_escape_string determines the character set, mysql_escape_string does not.