| SitePoint Sponsor |
|
|
User Tag List
Results 1 to 6 of 6
Thread: Affected Chars?
-
Jun 7, 2001, 08:28 #1<? echo "Kick me"; ?>
- Join Date
- Nov 2000
- Location
- Hong Kong
- Posts
- 1,508
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Affected Chars?
Hi,
Does anyone know where I can get a list of all the affect characters of:
addslashes() and htmlsepcialchars()?
I've look already for them, except something so small in detail is quite hard to find.
-Pete
-
Jun 7, 2001, 09:49 #2SitePoint Wizard
- Join Date
- Mar 2001
- Posts
- 3,537
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
--
Last edited by 7stud; Jun 7, 2001 at 09:53.
-
Jun 7, 2001, 09:52 #3SitePoint Wizard
- Join Date
- Mar 2001
- Posts
- 3,537
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Hi,
Uhhh...ever heard of www.php.net? Surprisingly, the function descriptions say what characters are affected.
AddSlashes
(PHP 3, PHP 4 )
AddSlashes -- Quote string with slashes
Description
string addslashes (string str)
Returns a string with backslashes before characters that need to be quoted in database queries etc. These characters are single quote ('), double quote ("), backslash (\) and NUL (the null byte).Description
string htmlspecialchars (string string [, int quote_style])
Certain characters have special significance in HTML, and should be represented by HTML entities if they are to preserve their meanings. This function returns a string with some of these conversions made; the translations made are those most useful for everyday web programming. If you require all HTML character entities to be translated, use htmlentities() instead.
This function is useful in preventing user-supplied text from containing HTML markup, such as in a message board or guest book application. The optional second argument, quote_style, tells the function what to do with single and double quote characters. The default mode, ENT_COMPAT, is the backwards compatible mode which only translates the double-quote character and leaves the single-quote untranslated. If ENT_QUOTES is set, both single and double quotes are translated and if ENT_NOQUOTES is set neither single nor double quotes are translated.
The translations performed are:
'&' (ampersand) becomes '&'
'"' (double quote) becomes '"' when ENT_NOQUOTES is not set.
''' (single quote) becomes ''' only when ENT_QUOTES is set.
'<' (less than) becomes '<'
'>' (greater than) becomes '>'Last edited by 7stud; Jun 7, 2001 at 09:57.
-
Jun 7, 2001, 10:16 #4<? echo "Kick me"; ?>
- Join Date
- Nov 2000
- Location
- Hong Kong
- Posts
- 1,508
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Suprisingly I have heard of php.net.wow!
Anyway, I'm think they're may be more as I've seen them mentioned here.
-
Jun 8, 2001, 00:04 #5SitePoint Wizard
- Join Date
- Mar 2001
- Posts
- 3,537
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
--
Last edited by 7stud; Jun 8, 2001 at 00:07.
-
Jun 8, 2001, 00:06 #6SitePoint Wizard
- Join Date
- Mar 2001
- Posts
- 3,537
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Hi,
You must have missed the fine print. From www.php.net:
The translations performed are:
'&' (ampersand) becomes '&'
'"' (double quote) becomes '"' when ENT_NOQUOTES is not set.
''' (single quote) becomes ''' only when ENT_QUOTES is set.
'<' (less than) becomes '<'
'>' (greater than) becomes '>'
Example 1. htmlspecialchars() example
$new = htmlspecialchars("<a href='test'>Test</a>", ENT_QUOTES);
Note that this function does not translate anything beyond what is listed above. For full entity translation, see htmlentities().Last edited by 7stud; Jun 8, 2001 at 00:15.
Bookmarks