SQL语句语法中的Php函数
我有以下代码。我希望username接受getUserName函数的值,但是我在与语法作斗争。谁能告诉我正确的答案是什么SQL语句语法中的Php函数,php,sql,Php,Sql,我有以下代码。我希望username接受getUserName函数的值,但是我在与语法作斗争。谁能告诉我正确的答案是什么 $query = "SELECT user FROM users_entity WHERE username = getUserName()"; 可以对句点使用串联: $query = "SELECT user FROM users_entity WHERE username = '".mysql_real_escape_string(getUserName())."'";
$query = "SELECT user FROM users_entity WHERE username = getUserName()";
可以对句点使用串联:
$query = "SELECT user FROM users_entity WHERE username = '".mysql_real_escape_string(getUserName())."'";
一定要逃出你的数据 不能将函数的结果直接嵌入字符串中。但是,您可以存储变量的内容:
$username = mysql_real_escape_string(getUserName());
$query = "SELECT user FROM users_entity WHERE username = '$username'";
或者,您可以像这样连接字符串:
$query = 'SELECT user FROM users_entity WHERE username = \'' . mysql_real_escape_string(getUserName()) . '\'';
$query = sprintf("SELECT user FROM users_entity WHERE username = '%s'"
mysql_real_escape_string(getUserName())
);
不能在字符串中插入(内部字符串替换)PHP函数名
你可能想要更像这样的东西:
$query = 'SELECT user FROM users_entity WHERE username = \'' . mysql_real_escape_string(getUserName()) . '\'';
$query = sprintf("SELECT user FROM users_entity WHERE username = '%s'"
mysql_real_escape_string(getUserName())
);