2

我的 php 代码返回一些值,我正在尝试插入数据库。

$string =  '1,here,Skincare composition against free radicals'; //this is returned

'(insert into import (S.No,Name,Title)) values ($string)'

需要以适当的格式转换该字符串以插入数据库

'1','here','Skincare composition against free radicals'  //This is expected

内爆应该做吗?但我不知道怎么做?

4

1 回答 1

10

尝试,

$string =  "1,here,Skincare composition against free radicals";
$varList = explode(",", $string);
$newQuery = "INSERT INTO `import` (`S.No`,`Name`,`Title`) VALUES ('" . $varList[0] . "','" . $varList[1] . "','" . $varList[2] . "')";

但是查询很容易受到攻击SQL Injection,请阅读下面的文章了解如何学习保护它,

其他来源

于 2012-12-07T05:10:47.777 回答