如何使用 php 表单文本区域将撇号存储在数据库中?

How Apostrophe is stored in database using php form text area?

我有一个名为 "form.php" 的代码文件。在此我创建了一个网络表单并在其中使用了文本区域标签。我有个问题。当我在文本区域写东西并在我的文本中使用撇号时,数据无法存储在数据库中。但是当我写文本时没有撇号数据存储在数据库中。我该如何解决我的问题?

我的代码如下:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><?php
$connection = mysql_connect("localhost", "root", ""); // Establishing Connection with Server
$db = mysql_select_db("aaaaa", $connection); // Selecting Database from Server
if(isset($_POST['submit'])){ // Fetching variables of the form which travels in URL
$txtTitle = $_POST['txtTitle'];
$txtReferance = $_POST['txtReferance'];
$txtToName = $_POST['txtToName'];
$chkConfidential = $_POST['chkConfidential'];
$txtToDesignation = $_POST['txtToDesignation'];
$txtDate = $_POST['txtDate'];
$cmbSolutation = $_POST['cmbSolutation'];
$txtToEntity = $_POST['txtToEntity'];
$txtToAdd1 = $_POST['txtToAdd1'];
$txtThankYou = $_POST['txtThankYou'];
$txtToAdd2 = $_POST['txtToAdd2'];
$cmbYoursTruely = $_POST['cmbYoursTruely'];
$txtToAdd3 = $_POST['txtToAdd3'];
$txtSignatureName = $_POST['txtSignatureName'];
$txtToCity = $_POST['txtToCity'];
$cmbSDesignation = $_POST['cmbSDesignation'];
$txtHeading1 = $_POST['txtHeading1'];
$txtEnch1 = $_POST['txtEnch1'];
$txtHeading2 = $_POST['txtHeading2'];
$txtEnch2 = $_POST['txtEnch2'];
$txtHeading3 = $_POST['txtHeading3'];
$txtEnch3 = $_POST['txtEnch3'];
$txtRational = $_POST['txtRational'];


//Insert Query of SQL
$query = mysql_query("INSERT INTO test(file_name, ref_no, to_name, confidential, designation, date, solutation, entity, add_1, thank_you, add_2, yours_truly, add_3, sign_name, city, s_designation, heading_line_1, encl_line_1, heading_line_2, encl_line_2, heading_line_3, encl_line_3, text) 

values 

    ('$txtTitle', '$txtReferance', '$txtToName', '$chkConfidential', '$txtToDesignation', '$txtDate', '$cmbSolutation', '$txtToEntity', '$txtToAdd1', '$txtThankYou', '$txtToAdd2', '$cmbYoursTruely', '$txtToAdd3', '$txtSignatureName', '$txtToCity', '$cmbSDesignation', '$txtHeading1', '$txtEnch1', '$txtHeading2', '$txtEnch2', '$txtHeading3', '$txtEnch3', '$txtRational')");
echo "<br/><br/><span>Data Inserted successfully...!!</span>";
}
else{
echo "<p>Insertion Failed <br/> Some Fields are Blank....!!</p>";
}

//mysql_close($connection); // Closing Connection with Server
?>

这就是您要查找的内容:mysql_real_escape_string

在每个字段上使用它来转义此类字符。

$txtTitle = mysql_real_escape_string( $_POST['txtTitle'] );
// same for all other columns

PS:使用 mysqli ,mysql 已弃用且速度也很慢。

在将值插入数据库之前尝试此操作:

    $text = mysql_escape_string($_POST['text']);