Table of Contents. Save Article. Improve Article. Like Article. Last Updated : 28 Mar, Recommended Articles. Article Contributed By :. Connect and share knowledge within a single location that is structured and easy to search.
I have been reading most recently about prevention of SQL injection and I am trying to develop some sense of understanding between the different functions so that I can learn the basics. I'm wondering about what stripslashes is and what it is for. There are probably other reasons to use stripslashes , but in my case I have only ever needed it to undo the horror that is magic quotes.
It's actually the opposite of addslashes. Both MySQLi and PDO offer prepared-statements which, if used properly, will prevent SQL-Injection without the need to remember calling special escaping functions or worrying if your data will be modified from them.
Results from MySQL are not 'slashed' escaped so stripslashes it isn't needed when dealing with results. Stack Overflow for Teams — Collaborate and share knowledge with a private group. Create a free Team What is Teams? Collectives on Stack Overflow. Learn more. What is stripslashes for? But not with addslashes The reason for sanitizing user input is security. Read about SQL injection and cross-site scripting , which are the two most common security problems arising from un-sanitized input.
Posts saved by demetrius. Thanks jspcal! Asked By: teaforchris. Answered By: teaforchris. Answered By: TJ L. Answered By: troelskn.
PHP - add item to beginning of associative array [duplicate]. PHP: Split string into array, like explode with no delimiter. Simpler way to check if variable is not equal to multiple string values?
0コメント