如何在双引号字符串文字中转义双引号
How to escape double-quotes in a double-quoted string literal
这很奇怪,我想不通:
$query = "SELECT * FROM [master].[dbo].[TestTbl] WHERE Agentd_ID = "$_SESSION['agentid']" ";
我也试过:
$query ='SELECT * FROM [master].[dbo].[TestTbl] WHERE Agentd_ID = "$_SESSION['agentid']" ';
非常感谢你们的帮助:D
您可能正在寻找
$query = "
SELECT
*
FROM
[master].[dbo].[TestTbl]
WHERE
Agentd_ID = \"{$_SESSION['agentid']}\"
";
但是 阅读了 https://en.wikipedia.org/wiki/SQL_injection
然后为您的数据库寻找合适的 encoding/escaping 函数 (t-sql?) and/or 带参数的准备语句。
另请参阅:
http://docs.php.net/manual/en/language.types.string.php
http://docs.php.net/manual/en/language.types.string.php#language.types.string.parsing
这很奇怪,我想不通:
$query = "SELECT * FROM [master].[dbo].[TestTbl] WHERE Agentd_ID = "$_SESSION['agentid']" ";
我也试过:
$query ='SELECT * FROM [master].[dbo].[TestTbl] WHERE Agentd_ID = "$_SESSION['agentid']" ';
非常感谢你们的帮助:D
您可能正在寻找
$query = "
SELECT
*
FROM
[master].[dbo].[TestTbl]
WHERE
Agentd_ID = \"{$_SESSION['agentid']}\"
";
但是 阅读了 https://en.wikipedia.org/wiki/SQL_injection
然后为您的数据库寻找合适的 encoding/escaping 函数 (t-sql?) and/or 带参数的准备语句。
另请参阅:
http://docs.php.net/manual/en/language.types.string.php
http://docs.php.net/manual/en/language.types.string.php#language.types.string.parsing