ÇóÖú!!mysqlÊý¾Ý¿â²éѯÎÊÌâ - PHP / »ù´¡±à³Ì
ÕâÊÇÎÒµÄÒ»¶Î´úÂë:
<?php
$store_poster=$_POST['poster'];
$store_title=$_POST['title'];
$store_message=$_POST['message'];
$store_parent=$_POST['parent'];£¨parent ÊǸöÊý×Ö£¬ÆäËüµÄ¶¼ÊÇ×Ö·û´®£©
//check not a duplicate
$conn=mysql_connect('localhost','root','lvliangwei');
mysql_select_db('lvyou', $conn) or die ('Can\'t use lvyou : ' . mysql_error());
$query="select header.postid from header ,body where
header.postid=body.postid and
header.parent=".$store_parent." and
header.poster='".$store_poster."' and
header.title='".$store_title."' and
body.message='".$store_message."'";
$result=mysql_query($query)or die("invalid query: " . mysql_error());
if(!$result){return false;}
$num_rows=mysql_num_rows($result);
ÔÚä¯ÀÀÆ÷ÖÐÔËÐÐʱ³öÏÖÈëÏÂÌáʾ£º
invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server
version for the right syntax to use near 'and header.poster= and header.title= and body.message='
ÕâÊÇÔõô»ØÊ ÎÒµÄ$queryÓï¾ä¸³ÖµÓдíô£¿
$store_poster $store_title $store_message ¶¼ÊÇ¿Õ
Äã°ÑÄÇЩֵ給ÉÏ
addslashes
Óï¾äÊÇûÓÐÎÊÌ⣬Ӧ¸ÃÊÇÄã²åÈëµÄÖµµÄÎÊÌâ¡£¿ÉÄÜÊÇûÓн«
Ïà¹ØÎÊ´ð£º
zend guard¼ÓÃܵÄphpÊÇ¿ÉÒÔÆƽâµÄ£¬ÓÐµÄ ËµÊÇʹÓú¯Êý»ìÏý¿ÉÒÔ¸üÄÑÆƽâһЩ¡£ÔõôʹÓÃÄØ¡£
»òÕß´ó¼Ò¸æËßÎÒÄÄÖÖ¼ÓÃÜ·½Ê½¸ü°²È«¡£Ð»Ð»ÁË¡£
ÎÒÄ¿Ç°µÄzend guard°æ±¾ÊÇ4.0.1
ÎÞ½â
ÒýÓÃ
ÎÞ½â
²»¿ÉÄÜ°É¡£ÔÚÍøÉϲéÁ ......
×î½üÒ»¸öÏîÄ¿ÖÐÓöµ½Ò»¸öÎÊÌ⣺ÔÚÔÓеÄÒ»Ì×ϵͳÖÐ(php¿ª·¢)Ìí¼ÓһЩС¹¦ÄÜ(jsp¿ª·¢)£¬ÔÀ´Óû§ÏµÍ³¶¼ÊÇphp¿ª·¢µÄ£¬ÎÒÈçºÎÔÚjsp¿ª·¢µÄ¹¦ÄÜÖÐ×öµ½Óû§ÐÅÏ¢sessionͬ²½ÄØ£¿ ÓÐÈËÊÇ·ñÓÐ×ö¹ýÀàÒÔÏîÄ¿£¬ÏëÌýÌý´ó¼ÒµÄ¿´·¨
......
mssql_select_db("f1",mssql_connect("localhost","sa","sa"));
mssql_select_db("f2",mssql_connect("192.168.0.1","sa","sa") ......
PHPÖÐ ÉùÃ÷±äÁ¿µÄʱºòÒ»¸ö$¸úÁ½¸ö$µÄÇø±ð
±ÈÈç˵
$var="333"; ±íʾ±äÁ¿ÃûΪ$varµÄ±äÁ¿µÄֵΪ333
$var="myvar";$$var="333";±íʾ±äÁ¿ÃûΪ$myvarµÄ±äÁ¿µÄֵΪ333
ÕâÑù˵Çå³þÁËÂð£¿
......
