PHP CodeIgniter - Escaping SQL

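I am trying to update my database. One of the column values contains apostrophes and the like. I used $this->db->escape in CodeIgniter on the strings that may contain such characters, but I still get the following error: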

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'O\'Keeffe, O\'Keefe'' WHERE `survey_id` = 188' at line 1

UPDATE `survey` SET `firstname_confidence_score` = 100, `firstname_rhymes` = '''', `lastname_confidence_score` = 85, `lastname_rhymes` = ''O\'Keeffe, O\'Keefe'' WHERE `survey_id` = 188;

How do I fix this?

Update:

$sql = "UPDATE `$table_name` SET `firstname_confidence_score` = $firstname_confidence_score, `firstname_rhymes` = '" . $this->db->escape($firstname_rhymes) . "', `lastname_confidence_score` = $lastname_confidence_score, `lastname_rhymes` =  '" . $this->db->escape($lastname_rhymes) . "' WHERE `$primary_id` = $id;";
$result = $this->db->query($sql);


You have double apostrophes around the lastname_rhymes value.

Because you are using $this->db->escape(), single quotes are automatically added around the data.

You only need:

 // escape() already wraps string values in single quotes, so none are added here.
 $sql = "UPDATE `$table_name`
         SET `firstname_confidence_score` = $firstname_confidence_score,
             `firstname_rhymes` = " . $this->db->escape($firstname_rhymes) . ",
             `lastname_confidence_score` = $lastname_confidence_score,
             `lastname_rhymes` =  " . $this->db->escape($lastname_rhymes) .
        " WHERE `$primary_id` = $id;";

You do not need single quotes around $this->db->escape($firstname_rhymes).
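
The double quoting discussed in this answer, traced in a standalone PHP script (an added example, not code from the question or the answer). `escape_standin()` and `read_literal()` are hypothetical helpers that imitate, in simplified form, the quoting done by `$this->db->escape()` and MySQL's reading of a string literal; the output shows the wrapped surname leaving stray text after an empty literal, and the wrapped empty value being stored as a single apostrophe.

```php
<?php
// Hypothetical stand-in for $this->db->escape(), NOT the framework's code.
// Like the real method, it returns strings already wrapped in single quotes.
// addslashes() only makes the result visible; it is not a safe escaper.
function escape_standin($value)
{
    if (is_string($value)) {
        return "'" . addslashes($value) . "'";
    }
    if (is_bool($value)) {
        return $value ? 1 : 0;
    }
    return $value === null ? 'NULL' : $value;
}

// Reads the single-quoted literal at the start of $s the way MySQL does under
// its default sql_mode and returns array(decoded value, text left after the
// closing quote). Simplification: a backslash yields the next character as-is.
function read_literal($s)
{
    $out = '';
    for ($i = 1, $n = strlen($s); $i < $n; $i++) {
        $c = $s[$i];
        if ($c === '\\' && $i + 1 < $n) {
            $out .= $s[++$i];                        // \' or \\
        } elseif ($c === "'" && $i + 1 < $n && $s[$i + 1] === "'") {
            $out .= "'";                             // '' inside a literal is one '
            $i++;
        } elseif ($c === "'") {
            return array($out, (string) substr($s, $i + 1)); // closing quote
        } else {
            $out .= $c;
        }
    }
    return array($out, '');                          // unterminated literal
}

// Constructed sample values: the empty first-name rhymes and the surname list.
foreach (array('', "O'Keeffe, O'Keefe") as $value) {
    $escaped = escape_standin($value);
    // First the question's form (extra quotes), then the answer's form.
    foreach (array("'" . $escaped . "'", $escaped) as $sql_value) {
        list($stored, $rest) = read_literal($sql_value);
        // Non-empty leftover is stray text after the literal: a syntax error.
        printf("%-26s stores [%s] leftover [%s]\n", $sql_value, $stored, $rest);
    }
}
```

CodeIgniter's query bindings, `$this->db->query($sql, array(...))` with `?` placeholders, escape and quote each bound value, which avoids hand-placed quotes altogether.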

It shouldn't double the quotes like that. How are you using escape? Are you using Active Record? Can you post the snippet that creates the SQL statement?

You mean: 'O'Keeffe,O'Keefe'? I don't see the doubling.

Yes, that did it. The single quotes around the string were left over from an earlier version of the SQL, from before I used $this->db->escape. Thanks.

Glad to help, you just needed a second pair of eyes. Good luck!