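I have the following table, and below is the query. I have already used every possible check to solve this problem. The problem is that the insert works with phpMyAdmin, but not with PHP. I tried everything, but I still have the same problem.
Here is my table code: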
CREATE TABLE IF NOT EXISTS `cle` (
`id` int(40) NOT NULL AUTO_INCREMENT,
`title` varchar(444) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL DEFAULT 'Article',
`content` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`url` varchar(222) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`status` int(11) DEFAULT '0',
`alt` varchar(400) DEFAULT NULL,
PRIMARY KEY (`id`),
KEY `url` (`url`,`status`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
Insert code:
INSERT INTO cle (content,url,alt) VALUES (' <br> <span name=KonaFilter style="width:100%;"><center><font size="4"><b>Rate? Part 1</b> by<b> </b></font></center></span> <span> <br> <center> <br><td><img src="http://a1.abc.com/a/spacer.gif" height="0" width="1"></td></tr> <tr><td>Article Posted: 04/04/2005</td></tr> </table> </td> </tr> </table> <table cellspacing="0" cellpadding="1" width="100%" border=0> <tr> <td><h1 style="color:02679D; font-size:16"><b><span name=KonaFilter>Howe? Part 1</span></b></h1></td> <td align="right"> <table border=0 cellpadding=4> <tr> <td valign="top"> <img name="btn36" src="http://a4.abc.com/a/js_feed_article.gif" width=48 height=38 onclick="ClipBoard(input36);" onmouseover="this.style.cursor = 'hand';"> <input type="hidden" name="input36" value='</td> <td valign="top"> <a href="http://www.a.com/Email_Article.cfm?articleid=36"><img src="http://a4.abc.com/a/email_me.gif" width=38 height=33 border=0></a> </td> </tr> </table> </td> </tr> <tr> <td colspan=2> </td> </tr> <tr><td><br> <br></td></tr> <tr> <td valign="bottom" colspan=2> <form name="formx" action="/article_detail.cfm?articleid=36" method="post"> <input type="hidden" name="flagged" value=1> <input type="image" src="http://a1.abc.com/a/categorize.gif" alt="Is gory?" onclick="flag();"> </form> </td></tr> </tr> <tr><td colspan=2><img src="http://a1.abc.com/a/spacer.gif" height="5" width="1"></td></tr> <tr><td colspan=2> <div align=left style="width:370; height:315;">s we’ll sues. <br> Question 1:? Do on such as “read more here” or? <br> What bsite. “Read More Here” us ASP vendors, rates, why itrates. 
<br> <p><br<!-- --> <table cellspacing=1 cellpadding="1" border=0 width="130" bgcolor="5A5A5A"> <tr> <td valign="middle" align="right" height="10" style="background-repeat:no-repeat;" bgcolor="ffffff" background="http://a15.abc.com/a/catbox.gif"> <font face="arial" style='font-size:12'><b><font style='font-family:verdana; font-size:9'>Rate This Article</font> <img onclick='closeWindow();' src='/a/close.gif'> </b></font></td> </tr> <tr><td bgcolor="dddcdd"> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td align="center"> <table border=0> <form name="form2" action="" method="post"> <tr><td colspan=5><input type="text" name="xDesc" value="" style="border:0 px; font-size:10;background-color:dddcdd" contenteditable="false"></td> </form> <tr> <td width="20%"> </td> <td width="20%"> <form name="rateform2" action="/feedback.cfm/36?articleid=36&title=2C1" method="post"> <input type="hidden" name="rating" value=2> <img src="http://a2.abc.com/a/empty_star.gif" name="imagetwo" alt="Minimal useful information." style="border:0px" onclick="rate(2);" onmouseover="starDesc(2);" onmouseout="starDesc(0);emptyStar(2);"> </form> </td> <td width="20%"> <form name="rateform3" action="/f.cfm/36?articleid=36C1" method="post"> <input type="hidden" name="rating" value=3> <img src="http://a3.abc.c.gif" name="imagethree" alt="Decent and informative." style="border:0px" onclick="rate(3);" onmouseover="starDesc(3);" onmouseout="starDesc(0);emptyStar(3);"> </form> </td> <td width="20%"> <form name="rateform4" action="/feedback.cfm/36?articleid=36&title=C1" method="post"> <input type="hidden" name="rating" value=4> <img src="http://a4.abc.com/a/emptyr.gif" name="imagefour" alt="Gre." 
style="border:0px" onclick="rate(4);" onmouseover="starDesc(4);" onmouseout="starDesc(0);emptyStar(4);"> </form> </td> <td width="20%"> <form name="rateform5" action="/fem/36?articleid=36&title=C1" method="post"> <input type="hidden" name="rating" value=5> <img src="http://a5.abc.com/a/empty_star.gif" name="imagefive" alt="A 'Must Read'." style="border:0px" onclick="rate(5);" onmouseover="starDesc(5);" onmouseout="starDesc(0);emptyStar(5);"> </form> </td> </tr> </table> </td> </tr> </table> </td> </tr> <tr><td bgcolor="5A5A5A"><img src="http://a1.aer.gif" height="8" width="100%"></td></tr> </table> </div> <script type="text/javascript"> //Enter "frombottom" or "fromtop" var verticalpos="frombottom" function JSFX_FloatTopDiv() { var tmpcookie = new Date(); chkcookie = (tmpcookie.getTime() + ''); document.cookie = "chkcookie=" + chkcookie + "; path=/"; if (document.cookie.indexOf(chkcookie,0) < 0) { divStayTopLeft.style.left=-1000; } else { starDesc(0); var startX = 0, startY = 100; var ns = (navigator.appName.indexOf("Netscape") != -1); var d = document; function ml(id) { var el=d.getElementById?d.getElementById(id):d.all?d.all[id]:d.layers[id]; if(d.layers)el.style=el; el.sP=function(x,y){this.style.left=x;this.style.top=y;}; el.x = startX; if (verticalpos=="fromtop") el.y = startY; else{ el.y = ns ? page
<p> </td> </tr> <tr><td align="center" > <p> <p> <font size=3 color=990000>Doe? Have a Comment? POST IT!</font><p> <table cellspacing=1 cellpadding="4" border=0 width="100%" bgcolor="4D4D4D" align="center"> <tr> <td align="right" height="23" style="background-repeat:no-repeat;" bgcolor="ffffff" background=""> <font face="arial" style='font-size:12'><b>Re</b></font> </td> </tr> <tr><td bgcolor="dddddd"> <form action="/post_.cfm" method="post"> <table width="100%" cellpadding=3 border=0 cellspacing=1> </table> <table width="100%" cellpadding=5 border=0> <tr><td colspan=2><font size=2><strong>Sue.</strong></font></td></tr> <tr> <td colspan=2 align="center">Make this comment <input type=radio selected name=PublicPrivate value="Public" label="Public"> <label for="Public">Public</label> or <input type=radio name=PublicPrivate value="Private" label="Private"> <label for="Private">Private</label> to th:</td> </tr> <tr> <td align="right">Name:</td> <td> <input type="text" name="name" value="" size=50> </td> </tr> <tr> <td align="right" valign="top">Email:</td> <td><input type="text" name="Emss" value="" size=50><br> <font size=1 color="ff0000">*Youy.</font></td> </tr> <tr> <td align="right" valign="top">Comments:</td> <td><font size=1 color="ff0000">*Yongly.</font><br> <textarea cols=45 rows=10 name="Comments"></textarea></td> </tr> <tr> <td> </td> <td><img src="http://a6.abc.com/f.jpg"></td> </tr> <tr> <td align="right" valign="top">Pge:</td> <td align="left"><input type="text" maxlength=6 name="ImageCode" value="" size=10></td> </tr> <tr> <td colspan=2 align="center"> <input type="hidden" name="ArticleID" value="36"> <input type="hidden" name="x" value="gwSIMR"> <input type="hidden" name="Author
ID" value=""> <input type="hidden" name="ReturnTo" value="/article_detail.cfm?articleid=36"> <input type="Submit" value="Sut" name="PostComment"> </td> </tr> </table> </form> </td> </tr> <tr><td bgcolor="4D4D4D"><img src="http://a1.abc.com/er.gif" height="8" width="100%"></td></tr> </table> </td></tr> </table> </span> <br>','http://www.a.com/article_detail.cfm?articleid=36','-')
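Here is a sqlfiddle
Where am I going wrong?
If you are throwing the content as a literal from PHP to MySQL, you need to escape twice. The first backslash will be interpreted by PHP, not MySQL.
If you have a function call like the following (for example):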
function_called("this' quote");
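The function will actually receive "this' quote", rather than the backslashed version.
To solve this, there are two solutions:
- Rely on the query parameterization provided by PDO or MySQLi (safer in the long run)
- Double-escape things. The quote then becomes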
This\' quote
. On the first pass, is interpreted as , and ' becomes '. On the second pass (MySQL), what remains is '.
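The first option above (query parameterization), sketched as an added example that is not part of the original answer or the asker's code. It assumes the `pdo_sqlite` extension and uses an in-memory SQLite database as a stand-in for MySQL so that it runs offline; the table is a reduced copy of `cle`, and `$content` is a constructed fragment in the style of the question's HTML.

```php
<?php
// Added example. SQLite in-memory stands in for MySQL (assumption); with MySQL
// only the DSN changes, e.g. 'mysql:host=...;dbname=...;charset=utf8'.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Reduced version of the `cle` table from the question.
$pdo->exec("CREATE TABLE cle (
    id      INTEGER PRIMARY KEY AUTOINCREMENT,
    title   VARCHAR(444) NOT NULL DEFAULT 'Article',
    content TEXT NOT NULL,
    url     VARCHAR(222) NOT NULL,
    status  INT DEFAULT 0,
    alt     VARCHAR(400) DEFAULT NULL
)");

// Constructed sample value: single quotes, double quotes and a backslash,
// the same kinds of characters that appear in the question's HTML.
$content = '<img onmouseover="this.style.cursor = \'hand\';" alt="A \'Must Read\'."> C:\\tmp';
$url     = 'http://www.a.com/article_detail.cfm?articleid=36';

// 1) Concatenated statement: the first ' inside $content closes the SQL
//    string literal, so the remainder is parsed as SQL and the insert fails.
try {
    $pdo->exec("INSERT INTO cle (content,url,alt) VALUES ('$content','$url','-')");
    echo "concatenated insert: ok\n";
} catch (PDOException $e) {
    echo "concatenated insert failed: ", $e->getMessage(), "\n";
}

// 2) Parameterized statement: the SQL text contains only placeholders and the
//    values are bound separately, so no quote or backslash needs escaping.
$stmt = $pdo->prepare(
    'INSERT INTO cle (content, url, alt) VALUES (:content, :url, :alt)'
);
$stmt->execute([':content' => $content, ':url' => $url, ':alt' => '-']);

// The stored value is byte-for-byte what PHP held in $content.
$stored = $pdo->query('SELECT content FROM cle ORDER BY id DESC LIMIT 1')
              ->fetchColumn();
var_dump($stored === $content);
var_dump((int) $pdo->query('SELECT COUNT(*) FROM cle')->fetchColumn());
```

The same `prepare`/`execute` calls work unchanged against MySQL, which also removes the need to decide how many times a value must be escaped.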
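I think your insert query is wrong.
You can use name="KonaFilter"
instead of name=KonaFilter
I think the problem is in this line: s we’ll sues. Question 1:? Try replacing this line with "s we’ll sues. Question 1:?"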