在mysql_real_escape_string之后使用反斜杠 [英] Using stripslashes after mysql_real_escape_string
问题描述
我必须在表单上转义一些输入.我使用mysql_real_escape_string来转义该值,但它在数据库中的值上添加了很多斜杠,原因是我在输入中加了撇号,让我们说一下exp's.
I have to escape some inputs on a form. I used mysql_real_escape_string to escape the value but it adds a lot slashes with value inside database, the reason is i have an apostrophe in my input let us say exp's.
现在要摆脱斜杠,我在mysql_real_escape_string之后使用反斜杠,然后数据成功进入数据库,并且看不到数据库中有任何撇号.
Now to get rid of slashes, I use stripslashes after mysql_real_escape_string and then data goes to database successfully and don't see any apostrophe with value in database.
$name = mysql_real_escape_string(trim($_POST['userame']));
$name = stripslashes(stripslashes($userame));
//然后将数据成功地发送到db而不带撇号
// then data goes to db successfully without apostrophe
我只是想确认一下,这是转义输入值的正确方法吗?谢谢
I just wanted to confirm, is this correct way of escaping the input value? Thanks
达扬
推荐答案
- 禁用魔术引号
-
mysql_real_escape_string(stripslashes($_POST['username']));
- Disabling Magic Quotes
mysql_real_escape_string(stripslashes($_POST['username']));
这篇关于在mysql_real_escape_string之后使用反斜杠的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
