PHP
downloads | documentation | faq | getting help | mailing lists | reporting bugs | php.net sites | links | conferences | my php.net

search for in the

stristr> <stripos
Last updated: Fri, 18 Jul 2008

view this page in

stripslashes

(PHP 4, PHP 5)

stripslashes — Rimuove gli slash aggiunti con addslashes()

Descrizione

string stripslashes ( string $str )

Rimuove i backslash da una stringa. (\' diventa ' e così via.) I doppi backslash (\\) sono ridotti ad un singolo backslash (\).

Un esempio di uso di stripslashes() è dato dall'opzione PHP magic_quotes_gpc che, quando è impostata a on (come è per default), e non siinseriscono questi dati in una procedura (tipo in un database) che richiede il carattere di escape. Ad esempio, se si visualizza dati da un form HTML.

Example #1 Esempio di uso di stripslashes()

<?php
$str "Is your name O\'reilly?";

// Outputs: Is your name O'reilly?
echo stripslashes($str);
?>

Nota: La funzione stripslashes() non è ricorsiva Se si desidera utilizzare questa funzione su una matrice multi-dimensionale, occorre utilizzare una funzione ricorsiva.

Example #2 Esempio di utilizzo di stripslashes() su una matrice

<?php
function stripslashes_deep($value)
{
    $value is_array($value) ?
                array_map('stripslashes_deep'$value) :
                stripslashes($value);
 
    return $value;
}
 
// Example
$array = array("f\\'oo""b\\'ar", array("fo\\'o""b\\'ar"));
$array stripslashes_deep($array);
 
// Output
print_r($array);
?>

Il precedente esempio visualizzerà:

Array
(
    [0] => f'oo
    [1] => b'ar
    [2] => Array
        (
            [0] => fo'o
            [1] => b'ar
        )
 
)

Per maggiori dettagli su "magic quotes", vedere get_magic_quotes_gpc().

Vedere anche addslashes() e get_magic_quotes_gpc().



stristr> <stripos
Last updated: Fri, 18 Jul 2008
 
add a note add a note User Contributed Notes
stripslashes
techdesk100
28-Apr-2008 05:58
Function which checks if $input has correct slashes,
otherwise adds slashes. For cases when you are not sure the input is not already addslashed.

    public function addslashes_once($input){
        //These characters are single quote ('), double quote ("), backslash (\) and NUL (the NULL byte).
        $pattern = array("\\'", "\\\"", "\\\\", "\\0");
        $replace = array("", "", "", "");
        if(preg_match("/[\\\\'\"\\0]/", str_replace($pattern, $replace, $input))){
            return addslashes($input);
        }
        else{
            return $input;
        }
    }
Aditya P Bhatt (adityabhai at gmail dot com)
28-Mar-2008 08:03
Here is simple example code which you can use as a common function in your functions file:

<?php
function stripslashes_if_gpc_magic_quotes( $string ) {
    if(get_magic_quotes_gpc()) {
        return stripslashes($string);
    } else {
        return $string;
    }
}
?>
Evgeny
26-Feb-2008 05:52
extended version of stripslashes_deep. This allow to strip one also in the array_keys

    function stripslashes_deep($value) {
        if (is_array($value)) {
            if (count($value)>0) {
                $return = array_combine(array_map('stripslashes_deep', array_keys($value)),array_map('stripslashes_deep', array_values($value)));
            } else {
                $return = array_map('stripslashes_deep', $value);
            }
            return $return;
        } else {
            $return = stripslashes($value);
            return $return ;
        }
    }
tokyoahead
11-Jan-2008 07:39
I am using this here to clear data in a CMS against SQL injections and other mayhem. The flow is:

1. input into form
2. get from $_GET/$_POST
3. cleanup($data, true)
4. save to SQL
5. load from SQL
6. cleanup($data, false)
7. show in form for new edit or on the website

<?php
function cleanup($data, $write=false) {
    if (is_array($data)) {
        foreach ($data as $key => $value) {
            $data[$key] = cleanup_lvl2($value, $write);
        }
    } else {
        $data = cleanup_lvl2($data, $write);
    }
    return $data;
}

function cleanup_lvl2($data, $write=false) {
    if (isset($data)) { // preserve NULL
        if (get_magic_quotes_gpc()) {
            $data = stripslashes($data);
        }
        if ($write) {
            $data = mysql_real_escape_string($data);
        }
    }
    return $data;
}
?>
alex dot launi at gmail dot com
21-Dec-2007 05:16
kibby: I modified the stripslashes_deep() function so that I could use it on NULL values.

function stripslashes_deep($value)
{
    if(isset($value)) {
        $value = is_array($value) ?
            array_map('stripslashes_deep', $value) :
            stripslashes($value);
    }
    return $value;
}
lukas.skowronski at gmail dot com
20-Jun-2007 02:15
If You want to delete all slashes from any table try to use my function:

function no_slashes($array)
    {
        foreach($array as $key=>$value)
            {
                if(is_array($value))
                    {
                        $value=no_slashes($value);
                        $array_temp[$key]=$value;                       
                    }
                else
                    {
                        $array_temp[$key]=stripslashes($value);
                    }
            }       
        return $array_temp;   
    }
dragonfly at networkinsight dot net
12-Mar-2007 01:22
If you are having trouble with stripslashes() corrupting binary data, try using urlencode() and urldecode() instead.
JAB Creations
06-Mar-2007 06:49
When writing to a flatfile such as an HTML page you'll notice slashes being inserted. When you write to that page it's interesting how to apply stripslashes...

I replaced this line...
<?php fwrite($file, $_POST['textarea']); ?>

With...
<?php if (get_magic_quotes_gpc()) {fwrite ($file, stripslashes($_POST['textarea']));}?>

You have to directly apply stripslashes to $_POST, $_GET, $_REQUEST, and $_COOKIE.
gregory at nutt dot ca
22-Feb-2007 04:48
Here is code I use to clean the results from a MySQL query using the stripslashes function.

I do it by passing the sql result and the sql columns to the function strip_slashes_mysql_results.  This way, my data is already clean by the time I want to use it.

    function db_query($querystring, $array, $columns)
    {
      if (!$this->connect_to_mysql())
       return 0;

     $queryresult = mysql_query($querystring, $this->link)
        or die("Invalid query: " . mysql_error());
   
      if(mysql_num_rows($queryresult))
      {
          $columns = mysql_field_names ($queryresult);
   
          if($array)
          {
              while($row = mysql_fetch_row($queryresult))
                $row_meta[] = $this->strip_slashes_mysql_results($row, $columns);
              return $row_meta;
          }
          else
          {
              while($row = mysql_fetch_object($queryresult))
                $row_meta[] = $this->strip_slashes_mysql_results($row, $columns);
              return $row_meta;
          }
      }
      else
        return 0;
    }
   
    function strip_slashes_mysql_results($result, $columns)
    {
        foreach($columns as $column)
        {
              if($this->debug)
                  printp(sprintf("strip_slashes_mysql_results: %s",strip_slashes_mysql_results));
              $result->$column = stripslashes($result->$column);
        }
        return $result;
    }
Allen
07-Feb-2007 09:41
In response to Tim's solution, it is only good for one-dimensional array.  If the variables happened to be multi-dimensional arrays, we still have to use function like 'stripslashes_deep'.
stoic
02-Jan-2007 06:31
in response to crab dot crab at gmail dot com:

$value need not be passed by reference. The 'stripped' value is returned. The passed value is not altered.
Kibby
14-May-2006 11:41
Okay, if using stripslashes_deep, it will definitely replace any NULL to "".  This will affect to coding that depends isset().  Please provide a workaround based on recent note.
hauser dot j at gmail dot com
21-Feb-2006 12:13
Don't use stripslashes if you depend on the values NULL.

Apparently stripslashes converts NULL to string(0) ""

<?php
$a = null;
var_dump($a);

$b = stripslashes($a);
var_dump($b);
?>
Will output

NULL
string(0) ""
alf at mitose dot net
26-Oct-2005 03:09
Take care using stripslashes() if the text you want to insert in the database contain \n characters ! You'll see "n" instead of (not seeing) "\n".

It should be no problem for XML, but is still boring ...
r_loebs at hotmail dot com
25-Jun-2005 05:03
Of course why not just do an

if($r){ stuff; } <-- this will check it all, NULL, 0, ""
10-Feb-2005 05:45
If you want to deal with slashes in double-byte encodings, such as shift_jis or big5, you may use this:

<?
function stripslashes2($string) {
    $string = str_replace("\\\"", "\"", $string);
    $string = str_replace("\\'", "'", $string);
    $string = str_replace("\\\\", "\\", $string);
    return $string;
}
?>
mattyblah at gmail dot com
10-Sep-2004 06:51
It should be of note that if you are stripping slashes to get rid of the slashes added by magic_quotes_gpc then it will also remove slashes from \. This may not seem that bad but if you have someone enter text such as 'testing\' with a slash at the end, this will cause an error if not corrected. It's best to strip the slashes, then add a slash to every single slash using $text = str_replace('\\', '\\\\', $text);
hash at samurai dot fm
01-Dec-2003 07:34
Might I warn readers that they should be vary careful with the use of stripslashes on Japanese text. The shift_jis character set includes a number of two-byte code charcters that contain the hex-value 0x5c (backslash) which will get stripped by this function thus garbling those characters.

What a nightmare!
add a note add a note

stristr> <stripos
Last updated: Fri, 18 Jul 2008
 
 
show source | credits | sitemap | contact | advertising | mirror sites