数组 $rf 的值包含一个点:
$rf = array(img34563.jpg , img34536.jpg);
$query = "SELECT * FROM $appin_table WHERE img IN ( ".implode( ',' , $rf )."";
$result = mysql_query($query)
or die(mysql_error());
我怎样才能逃脱这个点,这可能吗?
提前致谢。
仅逃避点对你没有帮助;你最终会得到这样的查询:
SELECT * FROM table WHERE img IN(img34563.jpg , img34536.jpg)
您必须先应用引号:
function quote($k)
{
return '"' . mysql_real_escape_string($k) . '"';
}
$values = array_map('quote', $rf);
$query = "SELECT * FROM $appin_table WHERE img IN ( ".implode( ',' , $values )."";
为了避免转义,请使用准备好的语句:
$rf = array('img34563.jpg', 'img34536.jpg');
$db_connection = new mysqli("localhost", "user", "pass", "db");
$statement = $db_connection->prepare("SELECT * FROM $appin_table WHERE img IN (?,?)");
$statement->bind_param("ss", $rf[0], $rf[1]);
$statement->execute();