我使用以下代码,但似乎每当我在文章字段中使用单引号(')或双引号(“)时( $_POST['article']
)除非我使用 \'
或者 \"
以便查询将其作为文本的一部分进行读取。。有什么代码我可以写,使它考虑到 $_POST['article']
作为全文?这是我的密码:
<?php
require_once ('connection.php');
$title=$_POST['title'];
$article=$_POST['article'];
if($category!="")
{
$query = "SELECT count( id ) as num FROM article;";
$result = mysqli_query($conn, $query);
/* numeric array */
$row = mysqli_fetch_array($result, MYSQLI_NUM);
if($row[0]==0)
{
$newId=0;
}else{
$query = "SELECT MAX( id ) as max FROM article;";
$result = mysqli_query($conn, $query);
/* numeric array */
$row = mysqli_fetch_array($result, MYSQLI_NUM);
$newId = $row[0] +1;
}
$sql="INSERT INTO `article`(`id`, `title`, `text`)
VALUES ('".$newId."','".$title."','".$article."')";
$result = $conn->query($sql);
if ($conn->query($sql) === TRUE) {
header("Location: ArticleSent.php");
$conn->close();
exit();
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
$conn->close();
exit();
}
}
else
{
header("Location: categoryrequired.php");
$conn->close();
exit();
}
?>
暂无答案!
目前还没有任何答案,快来回答吧!