我收到一个关于撇号的错误代码"error on line 2"。我认为在文本字段中,当键入"时,会影响"之外的代码并导致错误。如何使文本字段中的标记不影响代码的其余部分?
有问题的html元素是q25和q35
该网站位于http://educationofthedesigner.com/survey.html提交后,它会将您发送到php页面。
错误__
Error: INSERT INTO survey2 (Email, School, Major, Degree, Status, Sex, Age, Q7, Q8, Q9, Classes,
Q11, Q12, Q13, Q14, Q15, Q16, Q17, Q18, Q19, Q20, Q21, Q22, Q23, Q24, Q25, Q26, Q27,
Q28, Q29, Q30, Q31, Q32, Q33, Q34, Q35, Q36, Q37, Q38, Q39, Q40, Q41, Q42, Q43)
VALUES ('', 'Purchase College', 'Graphic Design', 'BFA', 'Senior', 'Male', '1994', 'no',
'no', 'yes', 'branding, web/interactive, print, art direction, social design,
design theory, design authorship, type design, book arts, printmaking,
letterpress, design history', 'yes', '19 to 21', '11 to 20', 'no', '7', '3',
'1', '8', '2', '10', '3', '3', 'no', '30+', 'We don't focus on
skills/encouraging the development of a marketable portfolio at all.
There are students in my program who still don't understand basic precepts
of design, and more importantly don't understand how to teach themselves
new techniques. We're rooted in a homogenous visual culture that encourages
illiteracy in the tools of the trade as a hallmark of its style.', 'yes',
'studio', 'yes', 'yes', '20-25', '4', '2', '6', 'on capus', 'A drab closet
of a room filled with computers and devoid of windows and non-fluorescent
light. Big tables for cutting. No food or drink.', 'financial', 'yes', 'no',
'10', '7', 'yes', 'essential', 'Not Really')
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server
version for the right syntax to use near 't focus on skills/encouraging the development of
a marketable portfolio at all. ' at line 2
我认为您正在寻找Prepared Statements,它应该可以防止出现这样的错误。
首先创建您的语句,并声明要更新/插入多少项或其他内容。然后声明变量的类型(s-string,i-integer)和变量本身。
看这里:http://www.w3schools.com/php/php_mysql_prepared_statements.asp
您只需要用斜杠转义值中的撇号
INSERT INTO survey2 (Email, School, Major, Degree, Status, Sex, Age, Q7, Q8, Q9, Classes, Q11, Q12, Q13, Q14, Q15, Q16, Q17, Q18, Q19, Q20, Q21, Q22, Q23, Q24, Q25, Q26, Q27, Q28, Q29, Q30, Q31, Q32, Q33, Q34, Q35, Q36, Q37, Q38, Q39, Q40, Q41, Q42, Q43) VALUES ('', 'Purchase College', 'Graphic Design', 'BFA', 'Senior', 'Male', '1994', 'no', 'no', 'yes', 'branding, web/interactive, print, art direction, social design, design theory, design authorship, type design, book arts, printmaking, letterpress, design history', 'yes', '19 to 21', '11 to 20', 'no', '7', '3', '1', '8', '2', '10', '3', '3', 'no', '30+', 'We don''t focus on skills/encouraging the development of a marketable portfolio at all. There are students in my program who still don''t understand basic precepts of design, and more importantly don''t understand how to teach themselves new techniques. We''re rooted in a homogenous visual culture that encourages illiteracy in the tools of the trade as a hallmark of its style.', 'yes', 'studio', 'yes', 'yes', '20-25', '4', '2', '6', 'on capus', 'A drab closet of a room filled with computers and devoid of windows and non-fluorescent light. Big tables for cutting. No food or drink.', 'financial', 'yes', 'no', '10', '7', 'yes', 'essential', 'Not Really')
的基本示例
INSERT INTO table (a, b, c) VALUES (1, 'hello', 'don''t know');
-- ^ note the slash here
或者,您可以使用php函数将撇号处理为addslashes()
之所以会出现错误,是因为mysql将字符串结尾为打开后发现的第一个撇号。对于任何值,字符串的其余部分都不会被撇号包围。
在将数据添加到数据库之前,您应该过滤表单。
最简单的解决方案是过滤数据并删除撇号:
$string = str_replace("'", "", $string);
或者如果你喜欢在数据中使用撇号:
$string = str_replace("'", "'", $string);
考虑过滤其他数据,而不仅仅是撇号。谷歌搜索"净化php"或"过滤输入"以获取更多信息。