将 HTML 插入数据库 [英] Inserting HTML into database

问题描述

我正在将数据插入包含一些基本 html 标签、双引号和单引号的表中.

I am inserting data into a table which contains some basic html tags, double quotes and single quotes.

我正在使用以下行来处理数据:

I am using the following line to handle the data:

htmlentities(($_POST[content]), ENT_QUOTES);

问题在于，当我选择此数据将其带回屏幕时，会显示实际的 html 标记而不是呈现 html，即如果我使用 bold</b> 标签，将其显示为文本，而不是使该标签内的文本粗体.如果我不使用上面的行，即

The problem with this is that when I select this data to bring it back onto the screen, displays the actual html tags instead of rendering the html, i.e. if I use the <b>bold</b> tag, is displays it as text instead of making the text within that tag bold. If I don't use the above line, i.e.

htmlentities(($_POST[content]), ENT_QUOTES);

然后就不能把数据插入到数据库中了，因为数据可以包含单引号和双引号.

Then I can't insert the data into the database because the data can contain single quotes and double quotes.

我该如何处理这个问题?

How do I deal with this issue?

所以基本上，我应该能够将数据插入到单引号或双引号不会引起问题的数据库中.当将数据渲染回屏幕时，它应该渲染 html 标签，因为它们应该渲染到浏览器中，并且引号应该显示为被渲染回屏幕的文本中的引号.

So basically, I should be able to insert the data into the database where single or double quotes should not cause a problem. When when rendering the data back onto the screen, it should render html tabs as they should get rendered into the browser and the quotes should be displayed as quotes in the text being rended back onto the screen.

推荐答案

$html = mysql_real_escape_string($html);

http://php.net/manual/en/function.mysql-real-escape-string.php

在使用这个函数之前，确保你已经建立了正确的mysql连接mysql_connect.

Make sure you have made a proper mysql connection mysql_connect before using this function.

这篇关于将 HTML 插入数据库的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！