YogeshChauhan . com

addcslashes() and addslashes() String Functions in PHP

in PHP on July 6, 2020

PHP String Functions Series Part 1

addcslashes() Function [PHP Version: 4+]

Returns a string with backslashes in front of the specified characters. (Quote string with slashes in a C style)

The addcslashes() function is case-sensitive.

Be careful if you choose to escape characters 0, a, b, f, n, r, t and v. They will be converted to , a, b, f, n, r, t and v, all of which are predefined escape sequences in C.

Many of these sequences are also defined in other C-derived languages, including PHP, meaning that you may not get the desired result if you use the output of addcslashes() to generate code in those languages with these characters.

Syntax


addcslashes(string, characters_list)

where 

string = the string to be escaped, it is Required

characters_list = Required. Specifies the characters or range of characters to be escaped

Examples


$string = addcslashes("Yogesh Chauhan.com!","h");
echo($string); 

//output

Yogesh Chauhan.com!

$string = addcslashes("Yogesh Chauhan.com!","Y");
echo($string); 

//output

Yogesh Chauhan.com!

$string = addcslashes("Yogesh Chauhan.com!","a..z");
echo($string); 

//output

Yogesh Chauhan.com!

$string = addcslashes("Yogesh Chauhan.com!","a..g");
echo($string); 

//output

Yogesh Chauhan.com!

addslashes() Function [PHP Version: 4+]

Returns a string with backslashes added before characters that need to be escaped.

These characters are:

1. single quote (‘)

2. double quote (“)

3. backslash ()

4. NUL (the NUL byte)

Syntax


addslashes(string)

where string = the string to be escaped, it is Required

P.S.: Prior to PHP 5.4.0, the PHP directive magic_quotes_gpc was on by default and it essentially ran addslashes() on all GET, POST and COOKIE data. addslashes() must not be used on strings that have already been escaped with magic_quotes_gpc, as the strings will be double escaped. get_magic_quotes_gpc() can be used to check if magic_quotes_gpc is on.

The addslashes() is sometimes incorrectly used to try to prevent SQL Injection. Instead, database-specific escaping functions and/or prepared statements should be used.

Examples


$str = "Is your name O'Reilly?";

echo addslashes($str);

//output

Is your name O\'Reilly?

Sources

amazon

Most Read

#1 How to check if radio button is checked or not using JavaScript? #2 Solution to “TypeError: ‘x’ is not iterable” in Angular 9 #3 How to add Read More Read Less Button using JavaScript? #4 How to uninstall Cocoapods from the Mac OS? #5 How to Use SQL MAX() Function with Dates? #6 PHP Login System using PDO Part 1: Create User Registration Page

Recently Posted

Jun 16 What are Stored Procedures for SQL Server? Jun 16 What are Class Constants in PHP? Jun 15 A short basic guide on states in React Jun 15 How to define constants in PHP? Jun 15 How to define visibility for a property in PHP? Jun 15 How to use @if and @else in SCSS?

You might also like these

MIN, MAX, COUNT, AVG and SUM in SQLSQL/MySQLDifferent Types of Functions in JavaScriptJavaScriptList of social media icon logo color codes in HEXMiscHow to solve “framework not found” error in Swift?SwiftHow to add multiple components in React app?ReactDROP DATABASE (remove a database) from PostgresPostgres