PHP的mysql_real_escape_string()的等效JavaScript代码是什么? [英] What is the equivalent javascript code for php's mysql_real_escape_string()?

问题描述

mysql_real_escape_string()的等效javascript代码是什么?

What is the equivalent javascript code for mysql_real_escape_string()?

推荐答案

基于 PHP文档对该方法的作用大致相同.但是不建议使用PHP中的mysql_real_escape_string方法.

Based on the PHP documentation of the method this would do roughly the same thing. The method mysql_real_escape_string in PHP is deprecated however.

function mysqlEscape(stringToEscape){
    return stringToEscape
        .replace("\\", "\\\\")
        .replace("\'", "\\\'")
        .replace("\"", "\\\"")
        .replace("\n", "\\\n")
        .replace("\r", "\\\r")
        .replace("\x00", "\\\x00")
        .replace("\x1a", "\\\x1a");
}

不幸的是，根据

Unfortunately that's not exactly what mysql_real_escape_string does according to the 5.6 mysql API docs. It doesn't take into account character encodings among other things.

即使您只使用前两个替换，上述方法也可能会满足您的需求.

The above method will likely do what you're looking for even if you only use the first 2 replaces like so.

function mysqlEscape(stringToEscape){
    return stringToEscape
        .replace("\\", "\\\\")
        .replace("\'", "\\\'");
}

根据mysql文档.

MySQL仅要求转义反斜杠和用于对查询中的字符串加引号的引号字符. mysql_real_escape_string()引用其他字符以使其更易于在日志文件中读取

MySQL requires only that backslash and the quote character used to quote the string in the query be escaped. mysql_real_escape_string() quotes the other characters to make them easier to read in log files

这篇关于PHP的mysql_real_escape_string()的等效JavaScript代码是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！