尝试在数据库中查找和替换 javascript 时,为什么会在 SQL 中收到错误消息 [英] Why do I receive an error in SQL when trying to find and replace javascript within a database
问题描述
我正在尝试在 phpMyAdmin 中运行查找和替换,因为愚蠢的黑客在我设计的网站中插入了一个数据库.我正在寻找出现在 600 多个不同帖子中的特定文本字符串:
I'm trying to run a find and replace in phpMyAdmin because stupid hackers have inserted a db in a website I designed. I'm looking for this specific string of texts that appears in 600+ different posts:
<script src='https://hotopponents.site/site.js' type='text/javascript'></script>
我不断收到此错误:
错误:未知标点字符串@ 67
ERROR: Unknown Punctuation String @ 67
这是正在尝试运行的 SQL 查询查找和替换;
This is the SQL Query find and replace is trying to run;
SELECT `post_content`, REPLACE(`post_content`, '<script src='https://hotopponents.site/site.js' type='text/javascript'></script>', ''), COUNT(*) FROM `db709131568`.`wp_posts` WHERE `post_content` LIKE '%<script src='https://hotopponents.site/site.js' type='text/javascript'></script>%' COLLATE utf8_bin GROUP BY `post_content` ORDER BY `post_content` ASC
除了手动编辑 600 多个单独的内容字符串,我还能做什么?
Whats can I do besides manually edit 600+ individual strings of content?
推荐答案
您需要通过将单引号加倍来对它们进行转义.
You need to escape the single quotes by doubling them.
SELECT `post_content`, REPLACE(`post_content`, '<script src=''https://hotopponents.site/site.js'' type=''text/javascript''></script>', ''), COUNT(*) FROM `db709131568`.`wp_posts` WHERE `post_content` LIKE '%<script src=''https://hotopponents.site/site.js'' type=''text/javascript''></script>%' COLLATE utf8_bin GROUP BY `post_content` ORDER BY `post_content` ASC
(说到转义,您也可以考虑在显示用户输入的内容时使用 HTML 转义.)
(Speaking of escapes, you might also consider using HTML escapes when displaying user entered content.)
这篇关于尝试在数据库中查找和替换 javascript 时,为什么会在 SQL 中收到错误消息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!