addslashes
Quote string with slashes
Description
string addslashes(string $string
)
- single quote (
'
)
- double quote (
"
)
- backslash (
\
)
- NUL (the NUL byte)
A use case of addslashes is escaping the aforementioned
characters in a string that is to be evaluated by PHP:
The addslashes is sometimes incorrectly used to try to prevent
SQL Injection. Instead,
database-specific escaping functions and/or prepared statements should be used.
Parameters
-
string
-
The string to be escaped.
Return Values
Returns the escaped string.
Examples
Example #1 An addslashes example
<?php
$str = "Is your name O'Reilly?";
// Outputs: Is your name O\'Reilly?
echo addslashes($str);
?>
See Also
- stripcslashes
- stripslashes
- addcslashes
- htmlspecialchars
- quotemeta
- get_magic_quotes_gpc