堆栈内存溢出
  简体   繁体   English

如何在PHP中使用mysqli_real_escape_string()转义除换行符以外的所有字符?

[英]How to use mysqli_real_escape_string() in PHP to escape all characters except newline?

 原文  2019-03-25 06:35:39       php/ mysqli

问题描述

I have a text input which can contain special chars that needs to be escaped. 我有一个文本输入,其中可以包含需要转义的特殊字符。 But I also want to preserve the newlines. 但是我也想保留换行符。 Using PHP's mysql_real_escape_string(), how is it possible to ignore the newline ('\\n') from escaping. 使用PHP的mysql_real_escape_string(),如何可以避免换行符('\\ n')的转义。

From the official docs of PHP on mysqli_real_escape_string : 从PHP的官方文档 (关于mysqli_real_escape_string 

mysqli_real_escape_string ( mysqli $link , string $escapestr ) : string

escapestr: The string to be escaped. escapestr:要转义的字符串。

Characters encoded are NUL (ASCII 0), \\n, \\r, \\, ', ", and Control-Z. 编码的字符为NUL(ASCII 0),\\ n,\\ r,\\,',“和Control-Z。

How is it possible to omit the \\n from this list but keeping the others intact? 如何从此列表中省略\\n但保持其他完整无缺?

2 个解决方案

解决方案1
 1 已采纳  2019-03-25 07:12:44

Solution 1: You can achieve this by: 解决方案1:您可以通过以下方法实现此目的:

  • Explode your string to array using \\n . 使用\\n将您的字符串分解为数组。
  • Loop the array and have each item escaped. 循环数组,使每个项目都转义。
  • Put them back using Implode and \\n as glue. 使用Implode和\\n作为胶水将它们放回去。

Code: 码: 

<?php
  $array = explode('\n',$stringToEscape);
  $index = 0;
  foreach($array as $string){
   $array[$index] = mysqli_real_escape_string ( $link , $string) ;
   $index++;
  }
  $excapedString = implode('\n',$array);
?>

Solution 2: Another solution: 解决方案2:另一个解决方案:

  • Replace \\n with some text (eg # NEWLINE #). 用一些文本替换\\n (例如# NEWLINE #)。
  • Do the string escape. 使字符串逸出。
  • Replace the text from step 1 to \\n . 将步骤1中的文本替换为\\n

Code: 码: 

<?php
 $string = '##YOUR STRING TO BE ESCAPED##';
 $stringToEscape = str_replace('\n','#_NEWLINE_#',$string);
 $escapedString = mysqli_real_escape_string ( $link , $stringToEscape ) ;
 $finalString = str_replace('#_NEWLINE_#','\n',$escapedString);
?>

解决方案2
 0  2019-03-25 07:11:10

You can use custom escape function like this one: 您可以像这样使用自定义转义功能: 

 function my_escape_function($value) { $search = array("\\\\", "\\x00", "\\r", "'", '"', "\\x1a"); $replace = array("\\\\\\\\","\\\\0", "\\\\r", "\\'", '\\"', "\\\\Z"); return str_replace($search, $replace, $value); }

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用mysqli_real_escape_string()? - How to use mysqli_real_escape_string()? PHP的:Mysqli_real_escape_string - PHP:Mysqli_real_escape_string mysqli_real_escape_string与php中的数组? - mysqli_real_escape_string with array in php? PHP mysqli_real_escape_string参数 - PHP mysqli_real_escape_string argument PHP mysqli_real_escape_string问题 - PHP mysqli_real_escape_string problems PHP和MySQL-使用mysqli_real_escape_string的正确方法 - PHP and MySQL - correct way to use mysqli_real_escape_string 如何在查询中正确使用mysqli_real_escape_string()函数 - how to correctly use mysqli_real_escape_string() Function in a query 如何在$ _GET [&#39;page&#39;]中使用mysqli_real_escape_string - how to use mysqli_real_escape_string for $_GET['page'] 如何正确使用mysqli_real_escape_string - How to properly use mysqli_real_escape_string mysqli_real_escape_string mysqli链接? - mysqli_real_escape_string mysqli link?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM