stripos
If you are having trouble with stripslashes() corrupting binary data, try using urlencode() and urldecode() instead.
Description
string stripslashes ( string $str )Returns a string with backslashes stripped off. (\' becomes ' and so on.) Double backslashes (\\) are made into a single backslash (\).
Note: If magic_quotes_sybase is on, no backslashes are stripped off but two apostrophes are replaced by one instead.
An example use of stripslashes() is when the PHP directive magic_quotes_gpc is on (it's on by default), and you aren't inserting this data into a place (such as a database) that requires escaping. For example, if you're simply outputting data straight from an HTML form.
Example 2406. A stripslashes() example
<?php
$str = "Is your name O\'reilly?";
// Outputs: Is your name O'reilly?
echo stripslashes($str);
?>
Note: stripslashes() is not recursive. If you want to apply this function to a mutli-dimensional array, you need to use a recursive function.
Example 2407. Using stripslashes() on an array
<?php
function stripslashes_deep($value)
{
$value = is_array($value) ?
array_map('stripslashes_deep', $value) :
stripslashes($value);
return $value;
}
// Example
$array = array("f\\'oo", "b\\'ar", array("fo\\'o", "b\\'ar"));
$array = stripslashes_deep($array);
// Output
print_r($array);
?>
The above example will output:
Array
(
[0] => f'oo
[1] => b'ar
[2] => Array
(
[0] => fo'o
[1] => b'ar
)
)
For more information about "magic quotes", see get_magic_quotes_gpc().
See also addslashes() and get_magic_quotes_gpc().
add a note
User Contributed Notesstripslashes
dragonfly at networkinsight dot net
11-Mar-2007 11:22
11-Mar-2007 11:22
JAB Creations
06-Mar-2007 04:49
06-Mar-2007 04:49
When writing to a flatfile such as an HTML page you'll notice slashes being inserted. When you write to that page it's interesting how to apply stripslashes...
I replaced this line...
<?php fwrite($file, $_POST['textarea']); ?>
With...
<?php if (get_magic_quotes_gpc()) {fwrite ($file, stripslashes($_POST['textarea']));}?>
You have to directly apply stripslashes to $_POST, $_GET, $_REQUEST, and $_COOKIE.
gregory at nutt dot ca
22-Feb-2007 02:48
22-Feb-2007 02:48
Here is code I use to clean the results from a MySQL query using the stripslashes function.
I do it by passing the sql result and the sql columns to the function strip_slashes_mysql_results. This way, my data is already clean by the time I want to use it.
function db_query($querystring, $array, $columns)
{
if (!$this->connect_to_mysql())
return 0;
$queryresult = mysql_query($querystring, $this->link)
or die("Invalid query: " . mysql_error());
if(mysql_num_rows($queryresult))
{
$columns = mysql_field_names ($queryresult);
if($array)
{
while($row = mysql_fetch_row($queryresult))
$row_meta[] = $this->strip_slashes_mysql_results($row, $columns);
return $row_meta;
}
else
{
while($row = mysql_fetch_object($queryresult))
$row_meta[] = $this->strip_slashes_mysql_results($row, $columns);
return $row_meta;
}
}
else
return 0;
}
function strip_slashes_mysql_results($result, $columns)
{
foreach($columns as $column)
{
if($this->debug)
printp(sprintf("strip_slashes_mysql_results: %s",strip_slashes_mysql_results));
$result->$column = stripslashes($result->$column);
}
return $result;
}
Allen
07-Feb-2007 07:41
07-Feb-2007 07:41
In response to Tim's solution, it is only good for one-dimensional array. If the variables happened to be multi-dimensional arrays, we still have to use function like 'stripslashes_deep'.
stoic
02-Jan-2007 04:31
02-Jan-2007 04:31
in response to crab dot crab at gmail dot com:
$value need not be passed by reference. The 'stripped' value is returned. The passed value is not altered.
Kibby
14-May-2006 08:41
14-May-2006 08:41
Okay, if using stripslashes_deep, it will definitely replace any NULL to "". This will affect to coding that depends isset(). Please provide a workaround based on recent note.
hauser dot j at gmail dot com
21-Feb-2006 10:13
21-Feb-2006 10:13
Don't use stripslashes if you depend on the values NULL.
Apparently stripslashes converts NULL to string(0) ""
<?php
$a = null;
var_dump($a);
$b = stripslashes($a);
var_dump($b);
?>
Will output
NULL
string(0) ""
alf at mitose dot net
26-Oct-2005 12:09
26-Oct-2005 12:09
Take care using stripslashes() if the text you want to insert in the database contain \n characters ! You'll see "n" instead of (not seeing) "\n".
It should be no problem for XML, but is still boring ...
r_loebs at hotmail dot com
25-Jun-2005 02:03
25-Jun-2005 02:03
Of course why not just do an
if($r){ stuff; } <-- this will check it all, NULL, 0, ""
10-Feb-2005 03:45
If you want to deal with slashes in double-byte encodings, such as shift_jis or big5, you may use this:
<?
function stripslashes2($string) {
$string = str_replace("\\\"", "\"", $string);
$string = str_replace("\\'", "'", $string);
$string = str_replace("\\\\", "\\", $string);
return $string;
}
?>
mattyblah at gmail dot com
10-Sep-2004 03:51
10-Sep-2004 03:51
It should be of note that if you are stripping slashes to get rid of the slashes added by magic_quotes_gpc then it will also remove slashes from \. This may not seem that bad but if you have someone enter text such as 'testing\' with a slash at the end, this will cause an error if not corrected. It's best to strip the slashes, then add a slash to every single slash using $text = str_replace('\\', '\\\\', $text);
hash at samurai dot fm
01-Dec-2003 05:34
01-Dec-2003 05:34
Might I warn readers that they should be vary careful with the use of stripslashes on Japanese text. The shift_jis character set includes a number of two-byte code charcters that contain the hex-value 0x5c (backslash) which will get stripped by this function thus garbling those characters.
What a nightmare!