我在网上读到关闭魔术引号是数据库中添加的许多转义字符的简单答案,例如:
电子邮件:href="\"\"\\"\\\\"\\\\\\\\"\\\\\\\\\\\\\\\\"\\\\
所以我使用 htaccess 来关闭魔术引号:php_flag magic_quotes_gpc Off
问题是它完全破坏了我的网页,div 被合并,事情完全被破坏了。
我知道在这个论坛上被问了很多,但我无法正确使用语法,这是我在 save.php 中使用的
<?php
include("db.php");
$content1 = $_POST['content1']; //get posted data
$content1 = mysql_real_escape_string($content1); //escape string
$content2 = $_POST['content2']; //get posted data
$content2 = mysql_real_escape_string($content2); //escape string
$content3 = $_POST['content3']; //get posted data
$content3 = mysql_real_escape_string($content3); //escape string
$content4 = $_POST['content4']; //get posted data
$content4 = mysql_real_escape_string($content4); //escape string
$content5 = $_POST['content5']; //get posted data
$content5 = mysql_real_escape_string($content5); //escape string
$content6 = $_POST['content6']; //get posted data
$content6 = mysql_real_escape_string($content6); //escape string
$content7 = $_POST['content7']; //get posted data
$content7 = mysql_real_escape_string($content7); //escape string
$content8 = $_POST['content8']; //get posted data
$content8 = mysql_real_escape_string($content8); //escape string
$content9 = $_POST['content9']; //get posted data
$content9 = mysql_real_escape_string($content9); //escape string
$content10 = $_POST['content10']; //get posted data
$content10 = mysql_real_escape_string($content10); //escape string
$content11 = $_POST['content11']; //get posted data
$content11 = mysql_real_escape_string($content11); //escape string
$content12 = $_POST['content12']; //get posted data
$content12 = mysql_real_escape_string($content12); //escape string
$content13 = $_POST['content13']; //get posted data
$content13 = mysql_real_escape_string($content13); //escape string
$content14 = $_POST['content14']; //get posted data
$content14 = mysql_real_escape_string($content14); //escape string
$content15 = $_POST['content15']; //get posted data
$content15 = mysql_real_escape_string($content15); //escape string
$content16 = $_POST['content16']; //get posted data
$content16 = mysql_real_escape_string($content16); //escape string
$content17 = $_POST['content17']; //get posted data
$content17 = mysql_real_escape_string($content17); //escape string
$content18 = $_POST['content18']; //get posted data
$content18 = mysql_real_escape_string($content18); //escape string
$content19 = $_POST['content19']; //get posted data
$content19 = mysql_real_escape_string($content19); //escape string
$content20 = $_POST['content20']; //get posted data
$content20 = mysql_real_escape_string($content20); //escape string
$content21 = $_POST['content21']; //get posted data
$content21 = mysql_real_escape_string($content21); //escape string
$sql = "UPDATE content SET text = LTRIM('$content1' WHERE element_id = '1') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content2' WHERE element_id = '2') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content3' WHERE element_id = '3') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content4' WHERE element_id = '4') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content5' WHERE element_id = '5') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content6' WHERE element_id = '6') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content7' WHERE element_id = '7') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content8' WHERE element_id = '8') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content9' WHERE element_id = '9') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content10' WHERE element_id = '10') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content11' WHERE element_id = '11') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content12' WHERE element_id = '12') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content13' WHERE element_id = '13') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content14' WHERE element_id = '14') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content15' WHERE element_id = '15') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content16' WHERE element_id = '16') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content17' WHERE element_id = '17') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content18' WHERE element_id = '18') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content19' WHERE element_id = '19') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content20' WHERE element_id = '20') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content21' WHERE element_id = '21') ";
mysql_query($sql);
------ 更新----
好的,所以我已经删除了上面冗长的代码,这就是我在 save.php 中剩下的内容:
<?php
include("db.php");
for ($i = 1; $i < 21; $i++) {
$content = $_POST['content' . $i]; //get posted data
$content = mysql_real_escape_string($content); //escape string
$sql = "UPDATE content SET text = LTRIM('$content' WHERE element_id = $i)";
mysql_query($sql);
}
if (mysql_query($sql))
{
echo 1;
}
?>
但是......它不再保存了,任何人都可以看到语法错误?
----- 新更新 -----
难道是我的 ajax save.js 需要更新?因此,在我使用“for”循环更新了 save.php 之后,我收到错误保存到 DB 的原因是什么?请参阅下面的 save.js 代码
$("#save").click(function (e) {
var content1 = $('.editable1').html();
var content2 = $('.editable2').html();
var content3 = $('.editable3').html();
var content4 = $('.editable4').html();
var content5 = $('.editable5').html();
var content6 = $('.editable6').html();
var content7 = $('.editable7').html();
var content8 = $('.editable8').html();
var content9 = $('.editable9').html();
var content10 = $('.editable10').html();
var content11 = $('.editable11').html();
var content12 = $('.editable12').html();
var content13 = $('.editable13').html();
var content14 = $('.editable14').html();
var content15 = $('.editable15').html();
var content16 = $('.editable16').html();
var content17 = $('.editable17').html();
var content18 = $('.editable18').html();
var content19 = $('.editable19').html();
var content20 = $('.editable20').html();
var content21 = $('.editable21').html();
$.ajax({
url: 'save.php',
type: 'POST',
data: {
content1: content1,
content2: content2,
content3: content3,
content4: content4,
content5: content5,
content6: content6,
content7: content7,
content8: content8,
content9: content9,
content10: content10,
content11: content11,
content12: content12,
content13: content13,
content14: content14,
content15: content15,
content16: content16,
content17: content17,
content18: content18,
content19: content19,
content20: content20,
content21: content21
},
success:function (data) {
if (data == '1')
{
$("#status")
.addClass("success")
.html("Data saved successfully")
.fadeIn('fast')
.delay(3000)
.fadeOut('slow');
}
else
{
$("#status")
.addClass("error")
.html("An error occured, the data could not be saved")
.fadeIn('fast')
.delay(3000)
.fadeOut('slow');
}
}
});
});