Search DaTutorials:  
HOME
Php Tutorials
Articles
Basics
Date and Time
File Manipulations
Forms
Functions
General
Interactivity
MySql
Navigation
News,Shoutboxes and Blogs
Language Structure and Data Types
Searching
Security
String Manipulation
User Information and Stats
Search For a Tutorial
Php Reference

addslashes

(PHP 3, PHP 4 , PHP 5)

addslashes -- Quote string with slashes

Description

string addslashes ( string str)

Returns a string with backslashes before characters that need to be quoted in database queries etc. These characters are single quote ('), double quote ("), backslash (\) and NUL (the NULL byte).

An example use of addslashes() is when you're entering data into a database. For example, to insert the name O'reilly into a database, you will need to escape it. Most databases do this with a \ which would mean O\'reilly. This would only be to get the data into the database, the extra \ will not be inserted. Having the PHP directive magic_quotes_sybase set to on will mean ' is instead escaped with another '.

The PHP directive magic_quotes_gpc is on by default, and it essentially runs addslashes() on all GET, POST, and COOKIE data. Do not use addslashes() on strings that have already been escaped with magic_quotes_gpc as you'll then do double escaping. The function get_magic_quotes_gpc() may come in handy for checking this.

Example 1. An addslashes() example

<?php
$str = "Is your name O'reilly?";

// Outputs: Is your name O\'reilly?
echo addslashes($str);
?>

See also stripslashes(), htmlspecialchars(), quotemeta(), and get_magic_quotes_gpc().



Copyright © 2001-2004 The PHP Group
All rights reserved.

     Personal Loans | Mortgage | Bikini Model | Flights | Secured Loans
Home     Link To Us     Ad With Us     Contact Us     Tell A Friend     Affiliates     Blog     MsOfficeHelp