mysql_real_escape_string是将所有带有特殊字符进行转义 下列字符受影响: x00 n r \ ' " x1a 假如你要转义,请将查询参数转义了再带入sql ,如 $aid = mysql_real_escape_string("14218902787457024"); $date = mysql_real_escape_string("20170302"); select orderid from order where date = $date AND aid ='$aid'
mysql_real_escape_string是将所有带有特殊字符进行转义
下列字符受影响:
x00
n
r
\
'
"
x1a
假如你要转义,请将查询参数转义了再带入sql ,如
$aid = mysql_real_escape_string("14218902787457024");
$date = mysql_real_escape_string("20170302");
select orderid from order where date = $date AND aid ='$aid'