Home >Backend Development >PHP Tutorial >PDO能不自动转义吗?
PDO能不自动转义吗?
- WBOYOriginal
- 2016-06-06 20:47:31985browse
我数据库有一个字段是这样存的,
<code>array (
1 =>
array (
\'id\' => 1,
\'name\' => \'测试\',
\'desc\' => NULL,
\'url\' => \'http://163.com\',
\'parent\' => 0,
),
)
</code>
写了个备份的程序,导出以后的格式也没有错
<code>INSERT INTO `table` VALUES('names','array (
1 =>
array (
\'id\' => 1,
\'name\' => \'测试\',
\'desc\' => NULL,
\'url\' => \'http://163.com\',
\'parent\' => 0,
),
)','key');
</code>
但是再用程序导入到数据库中以后,这个字段的内容就变了,应该是PDO把\'去掉了,也把换行符去掉了,导致我的数据不能再次使用。。。
<code>array ( 1 => array ( 'id' => 1, 'name' => '测试', 'desc' => NULL, 'url' => 'http://163.com', 'parent' => 0, ),) </code>
额,因为一些情况,我不想用serialize和unserialize
回复内容:
我数据库有一个字段是这样存的,
<code>array (
1 =>
array (
\'id\' => 1,
\'name\' => \'测试\',
\'desc\' => NULL,
\'url\' => \'http://163.com\',
\'parent\' => 0,
),
)
</code>
写了个备份的程序,导出以后的格式也没有错
<code>INSERT INTO `table` VALUES('names','array (
1 =>
array (
\'id\' => 1,
\'name\' => \'测试\',
\'desc\' => NULL,
\'url\' => \'http://163.com\',
\'parent\' => 0,
),
)','key');
</code>
但是再用程序导入到数据库中以后,这个字段的内容就变了,应该是PDO把\'去掉了,也把换行符去掉了,导致我的数据不能再次使用。。。
<code>array ( 1 => array ( 'id' => 1, 'name' => '测试', 'desc' => NULL, 'url' => 'http://163.com', 'parent' => 0, ),) </code>
额,因为一些情况,我不想用serialize和unserialize
呵呵呵呵呵呵呵呵呵呵呵呵呵呵呵呵呵呵, 首先,你看似直接存了数组进去,实际上取出来根本不能用。只是个字符串而已。除非你eval,安全性和性能都不如序列化。哪怕你json格式化也行啊。
PDO默认的exec和query不支持过滤。请使用prepare
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:curl 模拟用户登陆,但有验证码Next article:symonfy2用第三方CaptchaBundle