donglin1692 2012-09-09 18:55
浏览 61
已采纳

php中有单引号的mysql_query错误[重复]

Possible Duplicate:
How do I handle single quotes inside a SQL query in PHP?

I had written the following code to fetch a data from a mysql table:

$clg=$row['text'];
$query1 = "SELECT * FROM user WHERE text='$clg'";
$result1 = mysql_query($query1,$con) or die(mysql_error());
$count=mysql_num_rows($result1);
echo $count;

But the text field has a single quote(') which closes the single quotes in $query1, hence resulting in mysql syntax error. How can I rectify this?

  • 写回答

2条回答 默认 最新

  • donglianer5064 2012-09-09 19:19
    关注
    $clg=$row['text'];
$query1 = "SELECT * FROM user WHERE text='" . mysql_real_escape_string($clg) . "'";
$result1 = mysql_query($query1,$con) or die(mysql_error());
$count=mysql_num_rows($result1);
echo $count;

    But you should know that mysql_* functions family will be deprecated soon. Please read the red box here located on php.net website.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?