mysql_real_escape_string and single quote

后端未结

关注

 6  1414

花落未央 2020-12-10 19:07

I\'m quite frustrated. I want to be able to insert into my database names with single quotes - for example, O\'Connor.

So, when inserting into the DB, I do:

6条回答

陌清茗 (楼主)

2020-12-10 19:51

Little edit to the fixinput function to check if your installation of PHP does indeed have real escape string (older versions don't):

  function fixinput($value){
    if (get_magic_quotes_gpc()){
      $value = stripslashes($value);
    }

    if (function_exists('mysql_real_escape_string')) {
      return mysql_real_escape_string($value);
    }
    else {
      return mysql_escape_string($value);
    }
  }

0 讨论(0)

查看其它6个回答