reference/strings/functions/addslashes.xml
8cdc6621f9826d04abc3e50438c010804d7e8683
...
...
@@ -1,6 +1,6 @@
1
1
<?xml version="1.0" encoding="utf-8"?>
2
2
<!-- $Revision$ -->
3
-
<refentry xmlns="http://docbook.org/ns/docbook" xml:id="function.addslashes">
3
+
<refentry xml:id="function.addslashes" xmlns="http://docbook.org/ns/docbook">
4
4
<refnamediv>
5
5
<refname>addslashes</refname>
6
6
<refpurpose>Quote string with slashes</refpurpose>
...
...
@@ -10,7 +10,7 @@
10
10
&reftitle.description;
11
11
<methodsynopsis>
12
12
<type>string</type><methodname>addslashes</methodname>
13
-
<methodparam><type>string</type><parameter>str</parameter></methodparam>
13
+
<methodparam><type>string</type><parameter>string</parameter></methodparam>
14
14
</methodsynopsis>
15
15
<para>
16
16
Returns a string with backslashes added before characters that need to be
...
...
@@ -37,15 +37,6 @@ eval("echo '" . addslashes($str) . "';");
37
37
</informalexample>
38
38
</para>
39
39
<para>
40
-
Prior to PHP 5.4.0, the PHP directive <link linkend="ini.magic-quotes-gpc">magic_quotes_gpc</link>
41
-
was <literal>on</literal> by default and it essentially ran <function>addslashes</function>
42
-
on all GET, POST and COOKIE data.
43
-
<function>addslashes</function> must not be used on strings that have already
44
-
been escaped with <link linkend="ini.magic-quotes-gpc">magic_quotes_gpc</link>,
45
-
as the strings will be double escaped. <function>get_magic_quotes_gpc</function> can be used to check
46
-
if <link linkend="ini.magic-quotes-gpc">magic_quotes_gpc</link> is <literal>on</literal>.
47
-
</para>
48
-
<para>
49
40
The <function>addslashes</function> is sometimes incorrectly used to try to prevent
50
41
<link linkend="security.database.sql-injection">SQL Injection</link>. Instead,
51
42
database-specific escaping functions and/or prepared statements should be used.
...
...
@@ -57,7 +48,7 @@ eval("echo '" . addslashes($str) . "';");
57
48
<para>
58
49
<variablelist>
59
50
<varlistentry>
60
-
<term><parameter>str</parameter></term>
51
+
<term><parameter>string</parameter></term>
61
52
<listitem>
62
53
<para>
63
54
The string to be escaped.
...
...
@@ -109,7 +100,6 @@ echo addslashes($str);
109
100
</refsect1>
110
101

111
102
</refentry>
112
-

113
103
<!-- Keep this comment at the end of the file
114
104
Local variables:
115
105
mode: sgml
116
106