我有这个 PHP 代码:
$ua = $mysqli->real_escape_string($_SERVER['HTTP_USER_AGENT']);
$mysqli->query("INSERT INTO browsers(useragent, account, allowed, key, ip) VALUES('$ua', {$userR['id']}, 0, '(Key/token)', '(IP address)')");
以下 SQL 查询是:
INSERT INTO browsers(useragent, account, allowed, key, ip) VALUES('Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.56 Safari/537.17', 8, 0, 'bc132b38f35a01ce', '127.0.0.1')
但是:即使转义查询也不起作用:
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'key, ip) VALUES('Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.17 (KHTML, like' at line 1
最佳答案
您在查询中使用了 mysql RESERVED KEYWORD,即 key,只需用反引号 ` 将其括起来,让数据库知道它是一列
$mysqli->query("INSERT INTO browsers(useragent, account, allowed, `key`, ip) VALUES('$ua', {$userR['id']}, 0, '(Key/token)', '(IP address)')");
关于php - 转义用户代理 : $mysqli->real_escape_string does not work,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/16786902/