INSERT INTO `Sale_Order` (`id`,`number`,`order_id`, `order_status`, `buyer_name`, `buyer_email`, `buyer_phone_number
`, `total_price`, `currency`, `phone`, `postal_code`, `recipient_name`, `ship_address`, `ship_state`
, `city`, `country`, `account`, `lastup_date`, `payments_date`, `delivery_date`, `download_date`, `delivery_warehouse
`) VALUES (NULL,'1','249-4503994-1570232','2','杉本 圭\','jc3mwnzmvtcqgpg@marketplace.amazon.co.jp','','1000
.00','JPY','','225-0003','ロ?ソ\ンL たまプラ?ザ?南口','横浜市青?区新石川3?15?2 ','神奈川?','--','JP','JP_John','','2015-03-27T20
:43:50+09:00','',NOW(),'FBA')
以上报错
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'jc3mwnzmvtcqgpg@marketplace.amazon.co.jp','','1000 .00','JPY','','225-0003','ã?' at line 2
插入之前都转了UTF-8的,请问这里面,哪有问题??
'杉本 圭\' 看到了么,你的单撇号被转义了。因此会报语法错误。
如果是外部插入的,那么很可能是因为你根本没有过滤和转义得到的参数。
请问怎么过滤掉这些导致插入失败的字符啊?
可以在插入之前就是用函数进行转义,有个php函数叫
addslashes()?
先用mysql_real_escape_string做一次转义
$name = mysql_real_escape_string($name);$sqlstr = "insert into table(`name`) values('".$name."')";
![[Web-Frontend] Node.js-Schnellstart](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
