2

人们对我上一个问题的建议似乎没有帮助。所以,我想在这里以完整的代码再次发布它:mysql_depriated.php:

<script>
 function fun()
 {
 var ajaxRequest;  // The variable that makes Ajax possible!

    try{
        // Opera 8.0+, Firefox, Safari
        ajaxRequest = new XMLHttpRequest();
    } catch (e){
        // Internet Explorer Browsers
        try{
            ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");
        } catch (e) {
            try{
                ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP");
            } catch (e){
                // Something went wrong
                alert("Your browser broke!");
                return false;
            }
        }
    }

   var name = document.getElementById("name").value;
   var url = "mysql_depricated2.php";
   var param = "name=" + name;

   ajaxRequest.open("POST", url, true);

//Send the proper header information along with the request
ajaxRequest.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
ajaxRequest.setRequestHeader("Content-length", param.length);
ajaxRequest.setRequestHeader("Connection", "close");

    ajaxRequest.send(param); 
 }
</script>

 <input type="text" id="name">
 <input type="button" value="ajax&" onclick="fun()">

mysql_depriated2:

<?php
      $host="localhost"; // Host name
      $username="root"; // Mysql username
      $password=""; // Mysql password
      $db_name="example"; // Database name

   // Connect to server and select databse.
   $con=mysql_connect("$host", "$username", "$password")or die("cannot connect");
   mysql_select_db("$db_name")or die("cannot select DB");


 $content = $_POST['name'];
 $content=mysql_real_escape_string($content);

 $sql = "insert into e values('$content')";
 mysql_query($sql);
?>

如果我尝试插入包含 & 符号的字符串,它将不起作用。请问有什么解决办法吗?

4

1 回答 1

4

替换您的以下行:

ajaxRequest.send(param);

对于这个:

ajaxRequest.send( encodeURIComponent(param) );

因此,您将&特殊字符编码为其 url 编码形式,即%26.

于 2013-11-03T15:33:33.987 回答