reference/strings/functions/addslashes.xml
45042fef652f1b4e904e809fcbfcf31f6c60670b
45042fef652f1b4e904e809fcbfcf31f6c60670b
...
...
@@ -1,6 +1,6 @@
1
1
<?xml version="1.0" encoding="utf-8"?>
2
2
<!-- $Revision$ -->
3
-
<refentry xmlns="http://docbook.org/ns/docbook" xml:id="function.addslashes">
3
+
<refentry xml:id="function.addslashes" xmlns="http://docbook.org/ns/docbook">
4
4
<refnamediv>
5
5
<refname>addslashes</refname>
6
6
<refpurpose>Quote string with slashes</refpurpose>
...
...
@@ -10,7 +10,7 @@
10
10
&reftitle.description;
11
11
<methodsynopsis>
12
12
<type>string</type><methodname>addslashes</methodname>
13
-
<methodparam><type>string</type><parameter>str</parameter></methodparam>
13
+
<methodparam><type>string</type><parameter>string</parameter></methodparam>
14
14
</methodsynopsis>
15
15
<para>
16
16
Returns a string with backslashes added before characters that need to be
...
...
@@ -25,7 +25,8 @@
25
25
<para>
26
26
A use case of <function>addslashes</function> is escaping the aforementioned
27
27
characters in a string that is to be evaluated by PHP:
28
-
<informalexample>
28
+
<example>
29
+
<title>Escaping Characters</title>
29
30
<programlisting role="php">
30
31
<![CDATA[
31
32
<?php
...
...
@@ -34,16 +35,7 @@ eval("echo '" . addslashes($str) . "';");
34
35
?>
35
36
]]>
36
37
</programlisting>
37
-
</informalexample>
38
-
</para>
39
-
<para>
40
-
Prior to PHP 5.4.0, the PHP directive <link linkend="ini.magic-quotes-gpc">magic_quotes_gpc</link>
41
-
was <literal>on</literal> by default and it essentially ran <function>addslashes</function>
42
-
on all GET, POST and COOKIE data.
43
-
<function>addslashes</function> must not be used on strings that have already
44
-
been escaped with <link linkend="ini.magic-quotes-gpc">magic_quotes_gpc</link>,
45
-
as the strings will be double escaped. <function>get_magic_quotes_gpc</function> can be used to check
46
-
if <link linkend="ini.magic-quotes-gpc">magic_quotes_gpc</link> is <literal>on</literal>.
38
+
</example>
47
39
</para>
48
40
<para>
49
41
The <function>addslashes</function> is sometimes incorrectly used to try to prevent
...
...
@@ -57,7 +49,7 @@ eval("echo '" . addslashes($str) . "';");
57
49
<para>
58
50
<variablelist>
59
51
<varlistentry>
60
-
<term><parameter>str</parameter></term>
52
+
<term><parameter>string</parameter></term>
61
53
<listitem>
62
54
<para>
63
55
The string to be escaped.
...
...
@@ -109,7 +101,6 @@ echo addslashes($str);
109
101
</refsect1>
110
102
111
103
</refentry>
112
-
113
104
<!-- Keep this comment at the end of the file
114
105
Local variables:
115
106
mode: sgml
116
107