(PHP 4, PHP 5)
stripcslashes — Entfernt Quotes aus mit addcslashes() behandelten Strings
Gibt einen String zurück, aus dem die Backslashes ("\") entfernt wurden. Wie in C werden \n, \r ..., oktal- und hexadezimal-Vorkommen erkannt.
Die zu demaskierende Zeichenkette.
Gibt die demaskierte Zeichenkette zurück.
you might want to do a double stripslashes to completely remove 3 consecutive slashes
$stripped = 'this is a string with three\\\ slashes';
$stripped = stripslahses($stripped);
would output:
'this is a string with three\ slashes'
$stripped = 'this is a string with three\\\ slashes';
$stripped = stripslahses(stripslashes($stripped));
would output:
'this is a string with three slashes'
> /*QUOTE
> stripcslashes('He\xallo') == 'He'."\n".'llo'
> stripcslashes('H\xaello') == 'H'.chr(0xAE).'llo'
> */
>
> You Can Use
>
> stripcslashes('H\xa0ello') == 'H'.chr(0xA0).'ello'
Correct. But not what (I think) you were trying to show.
>
> as xa0 = xa = chr(xA)
Not so correct.
Does 9==90? No, because that added zero *after* the number means something.
It's when you add a zero *before* the number does it not affect the value.
I'd like to assume that was a typo, but with the Internet as it is, who knows...
> You Can Use
>
> stripcslashes('H\x0aello') == 'H'.chr(0x0A).'ello'
fix'd
Well, if you're reading data imported from another product, like Microsoft(ughh), you may encounter slashes, etc.. in your data anyway. Our company uses Microsoft Dynamics and I have to read their Vendor tables. Apparently, Dynamics and SQL Server allow all kinds of garbage in their fields. I've even seen tic marks used in the data in the key fields.
/*QUOTE
stripcslashes('He\xallo') == 'He'."\n".'llo'
stripcslashes('H\xaello') == 'H'.chr(0xAE).'llo'
*/
You Can Use
stripcslashes('H\xa0ello') == 'H'.chr(0xA0).'ello'
as xa0 = xa = chr(xA)
stripcslashes does not accept hexadecimal escape sequences of more than two digits, even though C does. This means that all of the following are true (in C the second and third examples would contain the characters '\x48e' and '\x323' respectively):
stripcslashes('H\x65llo') == 'Hello'
stripcslashes('\x48ello') == 'Hello'
stripcslashes('1\x323') == '123'
stripcslashes does accept hexadecimal escape sequences of only one digit, as long as the following digit is not a valid hexadecimal digit, so both of the following are true:
stripcslashes('He\xallo') == 'He'."\n".'llo'
stripcslashes('H\xaello') == 'H'.chr(0xAE).'llo'
The fact that stripcslashes is limited to two hexadecimal digits looks like a bug at first glance, but it can be a feature. You can, for example, do a simple str_replace(':', '\x3a', $str) to replace all colons in a string with '\x3a' without having to worry about whether or not the next character will be interpreted as a hexadecimal digit.
If this "bug" is ever fixed, there will be no way in PHP to escape the colon in the string 'a:b' with a hexadecimal representation, since the 'b' would be interpreted as the hexadecimal digit 11. The string 'a\x3ab' would be interpreted as 'a'.chr(0x3AB).
if you allow users to submit fields with apostrophy's inside, what you should do is pass that string into "stripcslashes()" to remove any slashes that may be automatically added by whatever that is causing it. As usual, you should verify this for yourself by creating a form and output the raw data in plain text format to make sure you have it right. The reason why MySQL does seem to ignore this problem is because it takes the "\'" and treat it as "'".