Home > Article > Backend Development > [discuz X2.5]It is not safe to do this query查询不允许有引号解决办法
[discuz X2.5]It is not safe to do this query查询不允许有引号解决办法
- WBOYOriginal
- 2016-06-13 13:26:551821browse
[discuz X2.5]It is not safe to do this query查询不允许有引号
各位给discuzX2.5做二次开发的,请问你在自已表里糊糊查询或者要查一个字符串username的时候,怎么处理的???
目前我用:DB::query('select * from t_username where f_username="'.$username.'"');
我发现只要sql里含有引号就会出错。问下大家自个查询自己的表,怎么写sql语句呀。
------解决方案--------------------
' "调换一下呢
------解决方案--------------------
DB::query("select * from t_username where f_username='$username'");
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article: php+xml数据储存 Next article: php事宜未成功