发表新帖
发表新帖

What characters have to be escaped to prevent (My)SQL injections?

前端 未结
关注
6 827
温柔的废话
温柔的废话 2020-11-29 05:47

I\'m using MySQL API\'s function

mysql_real_escape_string()

Based on the documentation, it escapes the following characters:
6条回答
  • 失恋的感觉
    失恋的感觉 (楼主)
    2020-11-29 06:08

    The MySQL manual page for strings says:

    • \0   An ASCII NUL (0x00) character.
    • \'   A single quote (“'”) character.
    • \"   A double quote (“"”) character.
    • \b   A backspace character.
    • \n   A newline (linefeed) character.
    • \r   A carriage return character.
    • \t   A tab character.
    • \Z   ASCII 26 (Control-Z). See note following the table.
    • \\   A backslash (“\”) character.
    • \%   A “%” character. See note following the table.
    • \_   A “_” character. See note following the table.

    0 讨论(0)
 看不清?
提交回复
热议问题