|
użytkowników online: 64
|
OPINIE UŻYTKOWNIKÓW
|
Nie jestem webmasterem, ale i na mnie zrobiła wrażenie szybkość reakcji Darka na mój problem. Jego kompetencja i przede wszystkim zupełnie niemodna w dzisiejszych skomercjalizowanych czasach - zwykła ludzka życzliwość dla innego człowieka. Tacy ludzie to dziś gatunek niemal wymarły...
Leszek
Wojskowy Instytut Medyczny
|
|
PODRĘCZNIK PHP 5.x, 4.x, 3.x - częściowo spolszczony / źródło: www.php.net
[Spis]
[A]
[B]
[C]
[D]
[E]
[F]
[G]
[H]
[I]
[J]
[K]
[L]
[M]
[N]
[O]
[P]
[Q]
[R]
[S]
[T]
[U]
[V]
[X]
[W]
[Z]
addcslashes (PHP 4, PHP 5) addcslashes -- Quote string with slashes in a C style Descriptionstring addcslashes ( string str, string charlist )
Returns a string with backslashes before characters that are
listed in charlist parameter. It escapes
\n, \r etc. in C-like
style, characters with ASCII code lower than 32 and higher than
126 are converted to octal representation.
Be careful if you choose to escape characters 0, a, b, f, n, r,
t and v. They will be converted to \0, \a, \b, \f, \n, \r, \t
and \v.
In PHP \0 (NULL), \r (carriage return), \n (newline) and \t (tab)
are predefined escape sequences, while in C all of these are
predefined escape sequences.
charlist like "\0..\37", which would
escape all characters with ASCII code between 0 and 31.
Przykład 1. addcslashes() example |
<?php
$escaped = addcslashes($not_escaped, "\0..\37!@\177..\377");
?>
|
|
When you define a sequence of characters in the charlist argument
make sure that you know what characters come between the
characters that you set as the start and end of the range.
Also, if the first character in a range has a higher ASCII value
than the second character in the range, no range will be
constructed. Only the start, end and period characters will be
escaped. Use the ord() function to find the
ASCII value for a character.
See also stripcslashes(),
stripslashes(),
htmlspecialchars(), and
quotemeta().
User Contributed Notesphpcoder at cyberpimp dot pimpdomain dot com
20-Jan-2005 09:35
Forgot to add something:
The only time you would likely use addcslashes() without specifying the backslash (\) character in charlist is when you are VALIDATING (not encoding!) a data string.
(Validation ensures that all control characters and other unsafe characters are correctly encoded / escaped, but does not alter any pre-existing escape sequences.)
You can validate a data string multiple times without fear of "double encoding". A single decoding pass will return the original data, regardless of how many times it was validated.)
phpcoder at cyberpimp dot pimpdomain dot com
20-Jan-2005 08:02
If you are using addcslashes() to encode text which is to later be decoded back to it's original form, you MUST specify the backslash (\) character in charlist!
Example:
<?php
$originaltext = 'This text does NOT contain \\n a new-line!';
$encoded = addcslashes($originaltext, '\\');
$decoded = stripcslashes($encoded);
echo $decoded; ?>
If the '\\' was not specified in addcslashes(), any literal \n (or other C-style special character) sequences in $originaltext would pass through un-encoded, but then be decoded into control characters by stripcslashes() and the data would lose it's integrity through the encode-decode transaction.
ruben at intesys dot it
31-May-2004 06:51
jsAddSlashes for XHTML documents:
<?php
header("Content-type: text/xml");
print <<<EOF
<?xml version="1.0"?>
<html>
<head>
<script type="text/javascript">
EOF;
function jsAddSlashes($str) {
$pattern = array(
"/\\\\/" , "/\n/" , "/\r/" , "/\"/" ,
"/\'/" , "/&/" , "/</" , "/>/"
);
$replace = array(
"\\\\\\\\", "\\n" , "\\r" , "\\\"" ,
"\\'" , "\\x26" , "\\x3C" , "\\x3E"
);
return preg_replace($pattern, $replace, $str);
}
$message = jsAddSlashes("\"<Hello>\",\r\n'&World'\\!");
print <<<EOF
alert("$message");
</script>
</head>
<body>
<h1>Hello, World!</h1>
</body>
</html>
EOF;
?>
21-Sep-2003 08:44
<?
function jsaddslashes($s)
{
$o="";
$l=strlen($s);
for($i=0;$i<$l;$i++)
{
$c=$s[$i];
switch($c)
{
case '<': $o.='\\x3C'; break;
case '>': $o.='\\x3E'; break;
case '\'': $o.='\\\''; break;
case '\\': $o.='\\\\'; break;
case '"': $o.='\\"'; break;
case "\n": $o.='\\n'; break;
case "\r": $o.='\\r'; break;
default:
$o.=$c;
}
}
return $o;
}
?>
<script language="javascript">
document.write("<? echo jsaddslashes('<h1 style="color:red">hello</h1>'); ?>");
</script>
output :
<script language="javascript">
document.write("\x3Ch1 style=\"color:red\"\x3Ehello\x3C/h1\x3E");
</script>
natNOSPAM at noworrie dot NO_SPAM dot com
18-May-2002 01:22
I have found the following to be much more appropriate code example:
<?php
$escaped = addcslashes($not_escaped, "\0..\37!@\@\177..\377");
?>
This will protect original, innocent backslashes from stripcslashes.
|
