I have a MySql database 开发者_如何学Pythonwith a URL field that has normal URLs with forward slashes. When I get the URL data with PHP web service it shows up with a backward slash for each forward slash:
http://example.com/iphone/images/test.png
shows as
http:\/\/example.com\/iphone\/images\/test.png
What could be the problem?
Here is the function that gets my data.
function getdata() {
// Check for required parameters
if (isset($_POST["genre"])) {
// Put parameters into local variables
$genre = $_POST["genre"];
// Final result array
$final_result = array();
// Look up in database
$user_id = 0;
$stmt = $this->db->prepare('SELECT ID, BAND, VENUE, GENRE, DATE, THUMBNAIL_URL, DESCRIPTION FROM shows WHERE GENRE=?');
$stmt->bind_param("s", $genre);
$stmt->execute();
$stmt->bind_result($id, $band_result, $venue_result, $genre, $date, $thumbnail_url, $description);
while ($stmt->fetch()) {
$thumbnail_url = stripslashes($thumbnail_url);
$result = array(
"id" => $id, "band" => $band_result, "venue" => $venue_result, "genre" => $genre, "date" => $date, "thumbnail_url" => $thumbnail_url, "description" => $description,
);
$final_result[] = $result;
continue;
}
$stmt->close();
sendResponse(200, json_encode($final_result));
return true;
}
sendResponse(400, 'Invalid request');
return false;
}
The reason this can happen is your host most likely has magic_quotes enabled and it can change from host to host. (a futile attempt to strengthen security by escaping user submitted inputs).
So its always best to check if its enabled. (especially if your script reaches other configurations)
Then if so handle the stripping of thos unwanted extra slashes before you insert into database, still always use mysql_real_escape_sting() or PDO prepared statements to escape into the database else errors or mysql injections will follow.
if(get_magic_quotes_gpc()) {
$genre = stripslashes($_POST["genre"]);
}
If it's showing up in the database with slashes; that's fine.
If you want to remove them in your PHP after getting them out of the database, run it through stripslashes();
$url = stripslashes($url);
If you want to strip the slashes before it goes into the database... same as above, but think twice before you do :)
精彩评论