1

我有一个查询到邮箱并尝试将所有电子邮件保存在表中。它在大多数情况下都有效,但当电子邮件内容值包含双引号或单引号时它会失败。我将如何修改我的代码以正确插入所有查询?

    $num = imap_num_msg($imap);
    if($num > 0)
    {
        for($b = $num; $b > 0; $b--)
        {
            $body = $this->get_part($imap, $b, "TEXT/HTML");
            if($body == "")
            {
                $body = $this->get_part($imap, $b, "TEXT/PLAIN");
            }
            $header = imap_headerinfo($imap, $b);
            $subject = $header->subject;
            $fromaddress = $header->fromaddress;
            $body = str_replace("'", "''", $body);
            //$body = str_replace("\"", "\"\"", $body);
            $sql3 = "INSERT INTO [tbl_test] (content) 
                    VALUES ('".$body."')";
            $result3 = mssql_query($sql3, $dbh1);
        }
    }

之后我得到这些错误:

警告:mssql_query(): 消息:字符串后的未闭合引号 '请调查为什么下面的 s....

警告:mssql_query():一般 SQL Server 错误:在第 38 行的 /var/www/testing.php 中检查来自 SQL Server(严重性 15)的消息

4

1 回答 1

3

You want to be using parameters:

$query = "INSERT INTO test (email, body) VALUES (?,?);";
$arrParams[]="my@domain.com";
$arrParams[]="My email body has quotes\'s or double quotes \" in it.";
$resource=sqlsrv_query($conn, $query, $arrParams);

Source: sqlsrv_query

于 2013-04-05T18:13:22.927 回答