【モバイル】携帯電話向け開発について語るスレ

【モバイル】携帯電話 ..

322:nobodyさん
06/09/08 18:41:52
4.3.0この関数は非推奨となりました。利用しないでください。代わりに mysql_real_escape_string() を利用してください。

URLﾘﾝｸ(jp2.php.net)

addslashes does NOT make your input safe for use in a database query! It only escapes according to what PHP defines,
not what your database driver defines. Any use of this function to escape strings for use in a database
is likely an error - mysql_real_escape_string, pg_escape_string, etc, should be used depending on your underlying database
as each database has different escaping requirements. In particular, MySQL wants \n, \r and \x1a escaped which addslashes
does NOT do. Therefore relying on addslashes is not a good idea at all and may make your code vulnerable to security risks.
I really don't see what this function is supposed to do.

URLﾘﾝｸ(jp2.php.net)

次ページ