PHP中的引号和斜线问题
[英]Quote and slash issue in PHP
问题描述
Every time i try to update my textarea and inside the textarea I add a quote " , after i update i get 1 \\ , i update again i get 3 slashes \\\\\\ , again 5 slashes and so on. Tried adding in php ini the the 3 codes to disable the magic quotes but nothing: 
每次我尝试更新textarea并在textarea内添加引号" ,更新后我得到1 \\ ,我再次更新我得到3斜杠\\\\\\ ,再次5斜杠,依此类推。尝试在php ini中添加3个禁用魔术引号的代码,但不执行任何操作:
magic_quotes_gpc = Off
magic_quotes_runtime = Off
magic_quotes_sybase = Off
Added also in the root folder and the folder where the file is located. 还添加到根文件夹和文件所在的文件夹中。 Also tried this http://us2.php.net/manual/en/security.magicquotes.disabling.php example 2 and first comment and still nothing. 还尝试了这个http://us2.php.net/manual/en/security.magicquotes.disabling.php示例2和第一个注释,但仍然没有。
This is my code: 这是我的代码:
PHP 的PHP
$username=$_SESSION['username'];
$viewtopic = $_GET['viewtopic'];
if ($_POST['edit'] && strip_tags($_POST['topictext'])){
$viewtopic = $_POST['id'];
$topictext=mysql_real_escape_string(strip_tags($_POST['topictext']));
$title=mysql_real_escape_string(strip_tags($_POST['title']));
mysql_query("UPDATE topics SET topictext=".quote_smart($topictext).", title=".quote_smart($title)." WHERE id=".quote_smart($viewtopic)."");
echo "You have updated your topic!";
}
HTML HTML
<textarea name="topictext" rows="2" cols="20" id="main_tbContent" class="TextBox" style="height:128px;width:99%;"><? echo str_replace("\\r\\n","\r\n",$rows['topictext']); ?></textarea><br />
1 个解决方案
解决方案1
1 已采纳 2013-12-08 18:57:16
Okay, in my code for my database entries, this is what I do. 好的,在我的数据库条目代码中,这就是我要做的。 Let me start by saying that I always send via POST method to avoid browser url complications. 首先,我总是通过POST方法发送邮件,以避免浏览器网址复杂化。
When I get the POST data, this is my code. 当我获得POST数据时,这就是我的代码。
$ID = 1;
$DATA = htmlentities(addslashes($_POST['data']));
$FIELD = lifename;
$DBQUERY = "UPDATE `lifetable` SET `$FIELD` = '$DATA' WHERE `id` = $ID";
$DBRESULT = $MYSQLI->query($DBQUERY);
When I ask for the information back in a select query, I do not do anything special, all I do is a normal fetch_assoc or fetch_array with no functions at all. 当我在选择查询中要求返回信息时,我没有做任何特别的事情,我所做的只是一个普通的fetch_assoc或fetch_array而没有任何功能。 This always works for both input values and textareas. 这始终适用于输入值和文本区域。
This should be yours: 这应该是你的:
mysql_query("UPDATE topics SET topictext='".htmlentities(addslashes($topictext))."', title='".htmlentities(addslashes($title))."' WHERE id='$viewtopic'");
And do not forget your single quotes when passing text data as a value in mysql. 并且在将文本数据作为mysql中的值传递时,请不要忘记单引号。 I added them. 我加了
I am currently using this on my local site. 我目前在我的本地站点上使用它。
Also, please remove all instances of mysql_real_escape_string functions. 另外,请删除mysql_real_escape_string函数的所有实例。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.