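1. The addslashes() function adds a backslash before the predefined characters in a string. It is generally used to escape data before storing it in a database; some databases escape automatically.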
<?php
$str = "Who's John Adams?";
echo $str . " This is not safe in a database query.<br />";
echo addslashes($str) . " This is safe in a database query.";
?>
Who's John Adams? This is not safe in a database query.
Who\'s John Adams? This is safe in a database query.
2. The stripslashes() function removes the backslashes added by the addslashes() function.
<?php
echo stripslashes("Who\'s John Adams?");
?>
Who's John Adams?
3. The strip_tags() function strips HTML, XML, and PHP tags.
<?php echo strip_tags("Hello <b><i>world!</i></b>","<b>"); ?>
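Output: Hello <b>world!</b> (a browser displays this as "Hello world!" with "world!" in bold, because the allowed <b> tag is kept and only <i> is removed)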
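
For items 1 and 2, an added example (not part of the original notes) that stores the same string with addslashes() plus string concatenation and then with a prepared statement, to show that backslash escaping depends on the database while a bound parameter does not. It assumes the pdo_sqlite extension is loaded; the notes table and body column are made up for the illustration.

```php
<?php
// Added example. Assumes the pdo_sqlite extension; table/column names are hypothetical.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE notes (id INTEGER PRIMARY KEY, body TEXT)');

$str = "Who's John Adams?";   // same string as in item 1

// 1) addslashes() + concatenation.
//    SQLite does not treat a backslash as an escape character inside a
//    string literal, so \' still closes the literal and the statement
//    is rejected as malformed SQL.
$sql = "INSERT INTO notes (body) VALUES ('" . addslashes($str) . "')";
try {
    $pdo->exec($sql);
    echo "concatenated query ran\n";
} catch (PDOException $e) {
    echo "concatenated query failed: " . $e->getMessage() . "\n";
}

// 2) Prepared statement: the value travels separately from the SQL text,
//    so no manual escaping is applied and none has to be undone later.
$stmt = $pdo->prepare('INSERT INTO notes (body) VALUES (:body)');
$stmt->execute([':body' => $str]);

// The row comes back byte-for-byte identical; stripslashes() is not needed.
$stored = $pdo->query('SELECT body FROM notes')->fetchColumn();
var_dump($stored === $str);
echo $stored, "\n";
?>
```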