Nameaddcslashes — Escapes the specified characters (or range of characters) with C-style escape sequences.
addcslashes() performs C-style character escaping on the specified characters in a string. The characters to be escaped are defined in the chars_to_escape argument as a sequence of one or more single characters and/or ranges of characters (such as a..z or \0..\037). The characters within the string can be expressed as literals (a, b, c ...), C-style character escape sequences (\n, \r, ...), octal character escape sequences (\102, \277, ...), or hexadecimal character escape sequences (\x20, \xFF, ...).
Of the two characters used in a character range, the first character should have the lower value in the ASCII character map. If the first character has a higher value than the second character, the range is not recognized - only the characters specified for the start and end of the range, along with the periods specified between them, are escaped. Make sure that you know what characters are between the characters used for a range. For example, specifying a range of A..z escapes every alphabetic character - however, it also escapes the six characters in the character map that use the space between the uppercase and lowercase letters ([\]^_`).
Be careful when escaping characters 0, a, b, f, n, r, t, and v. When escaped by this function, they're converted into the predefined C-style escape sequences - \0, \a, \b, \f, \n, \r, \t, and \v .
<?php // Pretend that $c_program_output was generated by a call to a C program $c_program_output = "Some\tOdd\tFormat\0...\t...\t...\0"; // Make our list of characters to escape // There are better ways to do this - this example is just more interesting :) // If the lines below are confusing, see the entries on sprintf() and ord() $char_list = sprintf('%c..%c', 0, ord(0) - 1); $char_list .= sprintf('%c..%c', ord(9) + 1, ord('A') - 1); $char_list .= sprintf('%c..%c', ord('Z') + 1, ord('a') - 1); $char_list .= sprintf('%c..%c', ord('z') + 1, 255); // $char_list should now equal "\0..\057\072..\100\133..\140\173..\377" // Escape all the characters from $char_list $cleaned_output = addcslashes($c_program_output, $char_list); // Send the filtered data to another C program $more_c_output = exec("./some_c_program '$cleaned_output'"); ?> Result: The above code makes the following call in the command interpreter (aka shell/DOS window): ./some_c_program 'Some\tOdd\tFormat\000\.\.\.\t\.\.\.\t\.\.\.\000'
PHP Functions Essential Reference. Copyright © 2002 by New Riders Publishing (Authors: Zak Greant, Graeme Merrall, Torben Wilson, Brett Michlitsch). This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, v1.0 or later (the latest version is presently available at http://www.opencontent.org/openpub/). The authors of this book have elected not to choose any options under the OPL. This online book was obtained from http://www.fooassociates.com/phpfer/ and is designed to provide information about the PHP programming language, focusing on PHP version 4.0.4 for the most part. The information is provided on an as-is basis, and no warranty or fitness is implied. All persons and entities shall have neither liability nor responsibility to any person or entity with respect to any loss or damage arising from the information contained in this book.