存储在 MySQL 中的 URL 为每个正斜杠返回额外的反斜杠 (a/b.png => a\/b.png) [英] Url stored in MySQL returns with extra backslash for each forward slash ( a/b.png => a\/b.png)

问题描述

我有一个带有 URL 字段的 MySql 数据库，该字段具有带正斜杠的普通 URL.当我使用 PHP Web 服务获取 URL 数据时，它会为每个正斜杠显示一个反斜杠:

I have a MySql database with a URL field that has normal URLs with forward slashes. When I get the URL data with PHP web service it shows up with a backward slash for each forward slash:

http://example.com/iphone/images/test.png

显示为

http:\/\/example.com\/iphone\/images\/test.png

可能是什么问题?

这是获取我的数据的函数.

Here is the function that gets my data.

function getdata() {

    // Check for required parameters
    if (isset($_POST["genre"])) {

        // Put parameters into local variables
        $genre = $_POST["genre"];

        // Final result array
        $final_result = array();

        // Look up in database
        $user_id = 0;
        $stmt = $this->db->prepare('SELECT ID, BAND, VENUE, GENRE, DATE, THUMBNAIL_URL, DESCRIPTION FROM shows WHERE GENRE=?');
        $stmt->bind_param("s", $genre);
        $stmt->execute();
        $stmt->bind_result($id, $band_result, $venue_result, $genre, $date, $thumbnail_url, $description);
        while ($stmt->fetch()) {


            $thumbnail_url = stripslashes($thumbnail_url);

            $result = array(
            "id" => $id, "band" => $band_result, "venue" => $venue_result, "genre" => $genre, "date" => $date, "thumbnail_url" => $thumbnail_url, "description" => $description,
            );
            $final_result[] = $result;
            continue;
        }
        $stmt->close();





        sendResponse(200, json_encode($final_result));
        return true;
    }
    sendResponse(400, 'Invalid request');
    return false;
}

推荐答案

发生这种情况的原因是您的主机很可能具有 magic_quotes 已启用，它可以从主机更改为主机.(通过转义用户提交的输入来增强安全性的徒劳尝试).

The reason this can happen is your host most likely has magic_quotes enabled and it can change from host to host. (a futile attempt to strengthen security by escaping user submitted inputs).

所以最好检查它是否启用.(特别是当你的脚本达到其他配置时)

So its always best to check if its enabled. (especially if your script reaches other configurations)

然后如果在插入数据库之前处理去除不需要的额外斜杠，仍然总是使用 mysql_real_escape_sting() 或 PDO 准备语句 转义到数据库中，否则会出现错误或 mysql 注入将随之而来.

Then if so handle the stripping of thos unwanted extra slashes before you insert into database, still always use mysql_real_escape_sting() or PDO prepared statements to escape into the database else errors or mysql injections will follow.

if(get_magic_quotes_gpc()) {
  $genre = stripslashes($_POST["genre"]);
}

这篇关于存储在 MySQL 中的 URL 为每个正斜杠返回额外的反斜杠 (a/b.png => a\/b.png)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！