Rumah > Soal Jawab > teks badan
大家讲道理2017-04-17 16:44:17
mysql_real_escape_string是将所有带有特殊字符进行转义
下列字符受影响:
x00
n
r
\
'
"
x1a
假如你要转义,请将查询参数转义了再带入sql ,如
$aid = mysql_real_escape_string("14218902787457024");
$date = mysql_real_escape_string("20170302");
select orderid from order where date = $date AND aid ='$aid'