SitePoint Sponsor

User Tag List

Results 1 to 6 of 6

Thread: Affected Chars?

  1. #1
    <? echo "Kick me"; ?> petesmc's Avatar
    Join Date
    Nov 2000
    Location
    Hong Kong
    Posts
    1,508
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Affected Chars?

    Hi,

    Does anyone know where I can get a list of all the affect characters of:

    addslashes() and htmlsepcialchars()?

    I've look already for them, except something so small in detail is quite hard to find.

    -Pete

  2. #2
    SitePoint Wizard
    Join Date
    Mar 2001
    Posts
    3,537
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    --
    Last edited by 7stud; Jun 7, 2001 at 09:53.

  3. #3
    SitePoint Wizard
    Join Date
    Mar 2001
    Posts
    3,537
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,

    Uhhh...ever heard of www.php.net? Surprisingly, the function descriptions say what characters are affected.
    AddSlashes
    (PHP 3, PHP 4 )

    AddSlashes -- Quote string with slashes
    Description

    string addslashes (string str)


    Returns a string with backslashes before characters that need to be quoted in database queries etc. These characters are single quote ('), double quote ("), backslash (\) and NUL (the null byte).
    Description

    string htmlspecialchars (string string [, int quote_style])


    Certain characters have special significance in HTML, and should be represented by HTML entities if they are to preserve their meanings. This function returns a string with some of these conversions made; the translations made are those most useful for everyday web programming. If you require all HTML character entities to be translated, use htmlentities() instead.

    This function is useful in preventing user-supplied text from containing HTML markup, such as in a message board or guest book application. The optional second argument, quote_style, tells the function what to do with single and double quote characters. The default mode, ENT_COMPAT, is the backwards compatible mode which only translates the double-quote character and leaves the single-quote untranslated. If ENT_QUOTES is set, both single and double quotes are translated and if ENT_NOQUOTES is set neither single nor double quotes are translated.

    The translations performed are:


    '&' (ampersand) becomes '&amp;'

    '"' (double quote) becomes '&quot;' when ENT_NOQUOTES is not set.

    ''' (single quote) becomes '&#039;' only when ENT_QUOTES is set.

    '<' (less than) becomes '&lt;'

    '>' (greater than) becomes '&gt;'
    Last edited by 7stud; Jun 7, 2001 at 09:57.

  4. #4
    <? echo "Kick me"; ?> petesmc's Avatar
    Join Date
    Nov 2000
    Location
    Hong Kong
    Posts
    1,508
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Suprisingly I have heard of php.net.wow!

    Anyway, I'm think they're may be more as I've seen them mentioned here.

  5. #5
    SitePoint Wizard
    Join Date
    Mar 2001
    Posts
    3,537
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    --
    Last edited by 7stud; Jun 8, 2001 at 00:07.

  6. #6
    SitePoint Wizard
    Join Date
    Mar 2001
    Posts
    3,537
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,

    You must have missed the fine print. From www.php.net:
    The translations performed are:

    '&' (ampersand) becomes '&amp;'

    '"' (double quote) becomes '&quot;' when ENT_NOQUOTES is not set.

    ''' (single quote) becomes '&#039;' only when ENT_QUOTES is set.

    '<' (less than) becomes '&lt;'

    '>' (greater than) becomes '&gt;'

    Example 1. htmlspecialchars() example

    $new = htmlspecialchars("<a href='test'>Test</a>", ENT_QUOTES);

    Note that this function does not translate anything beyond what is listed above. For full entity translation, see htmlentities().
    Last edited by 7stud; Jun 8, 2001 at 00:15.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •