How to escape slashes for mysql insert?
Question
This is answered everywhere and I simply can't see what's wrong with my code:
print 'https://www.facebook.com/someURL'.'<br />';
print addslashes('https://www.facebook.com/someURL').'<br />';
print mysql_real_escape_string('https://www.facebook.com/someURL').'<br />';
Output is:
https://www.facebook.com/someURL
https://www.facebook.com/someURL
https://www.facebook.com/someURL
Why are no slashes being added in any of these cases?
3 answers
solution1
4 ACCPTED 2014-01-04 09:25:20
Why are no slashes being added in any of these cases?
You don't have any characters that need escaping in that string.
That said, addslashes is not suitable and mysql_real_escape_string (like all of mysql_ ) is obsolete , you should use a modern replacement and use prepared statements / bound arguments instead of manual string escaping.
solution2
2 2014-01-04 09:26:06
Because addslashes() returns a string with backslashes before characters that need to be escaped. These characters are single quote ('), double quote ("), backslash () and NUL (the NULL byte).
and your string doesnot contain any of the above mentioned characters.
solution3
2 2014-01-04 09:26:41
From http://uk3.php.net/addslashes :
Returns a string with backslashes before characters that need to be escaped. These characters are single quote ('), double quote ("), backslash () and NUL (the NULL byte).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.