Find centralized, trusted content and collaborate around the technologies you use most.
Teams
Q&A for work
Connect and share knowledge within a single location that is structured and easy to search.
快速问题:如何 mysqli_escape_string 包含在 like 子句中的变量?
"SELECT * FROM table WHERE name LIKE '%". %s . "%'"
或者
"SELECT * FROM table WHERE name like '%"."%s"."%'"
不工作。
谢谢!
$value = mysql_real_escape_string($_POST["terms"]); $query = "SELECT * FROM table WHERE name LIKE '%".$value."%'";
或者你可以像这样使用 sprintf 来实现这一点:
$query = sprintf("SELECT * FROM table WHERE name LIKE '%s'", "%".$value."%");