与“&"链接:“&"号,不插入数据库 [英] Link with "&": ampersand not insert into database
问题描述
如何在数据库中插入带有html特殊字符的链接,例如& (&"符号)?当我插入它时,输出被切掉.
例如:此链接
https://www.youtube.com/watch?v = TCnxD9V9lGE& index = 24& list = PLNVssP8zTtVk5asCmP703gEvR_lG-Ur-S
以及插入后的输出:
& (和号)符号,其余符号被删去.
这是我的代码:
$ data =与&(和号)链接";$ data = mysqli_real_escape_string($ connect_db,$ data); 您应该考虑使用准备好的查询.这样可以避免大多数将特殊字符插入数据库的问题.PDO是使用预准备语句的最佳方法(imo).使用PDO大致可以看到您的代码:
$ connect_db = new PDO('mysql:dbname = yourdb; host = 127.0.0.1; charset = utf8','root','');$ url =//您的带有&符号的网址$ insertquery = $ connect_db-> prepare("INSERT INTO table1(urlstring,...)VALUES(:url,...)");$ insertquery-> bindParam(':url',$ url);$ insertquery-> execute(); 熟悉准备好的查询也将有助于防止SQL注入.一旦您对PHP更加有信心,请查看此PDO指南: https://phpdelusions.net/pdo
How to insert in database a link with a html special chars like & (ampersand) symbol ? When I inserted it, the output is cut out..
For example: this link
https://www.youtube.com/watch?v=TCnxD9V9lGE&index=24&list=PLNVssP8zTtVk5asCmP703gEvR_lG-Ur-S
and the output after I've inserted it:
The & (ampersand) symbol and the rest is cut out.
This is my code:
$data = "LINK with & (ampersand)";
$data = mysqli_real_escape_string($connect_db, $data);
You should consider using prepared queries. This will prevent most problems with special characters being inserted into databases. PDO is the best way (imo) to use prepared statements. This is roughly how your code would look using PDO:
$connect_db = new PDO('mysql:dbname=yourdb;host=127.0.0.1;charset=utf8', 'root', '');
$url = //your url with ampersands
$insertquery = $connect_db->prepare("INSERT INTO table1 (urlstring, ...) VALUES (:url,...)");
$insertquery->bindParam(':url',$url);
$insertquery->execute();
Getting familiar with prepared queries will also help prevent SQL injection. Once you're a bit more confident with PHP, take a look at this guide for PDO: https://phpdelusions.net/pdo
这篇关于与“&"链接:“&"号,不插入数据库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
