1 
$brand_condition = ' AND ' . mysql_real_escape_string($brand_selection) . ' IN ';

$brand_condition .= $quote10 . '"'. mysql_real_escape_string($brand_value) . '"' .$quote9;

$brand_conditions[] = $brand_condition;

$query .= implode(' AND ', $brand_conditions) . '';

这会产生:AND 制造商 IN ("brand1,brand2")

由于我使用的是 IN 语句,因此我需要引用这些值。同时,我正在使用 mysql_real_escape_string 转义潜在的引号。

有没有人看到解决这个小问题的简单方法?

4

5 回答 5

3 
function quote_escape(&$str) {
    $str = '"' . mysql_real_escape_string(chop($str)) . '"';
}

$brands = explode(',', $brand_value);
array_walk($brands, "quote_escape");
$brands = implode(',', $brands);

或者

function quote_escape($str) {
     return '"' . mysql_real_escape_string(chop($str)) . '"';
}
$brands = implode(',', array_map("quote_escape", explode(',', $brand_value)));
于 2011-07-26T15:24:28.787 回答
2

$brand_conditions[] = '"'.$brand_condition.'"';那么在您在数组中添加brand_condition 之前添加引号怎么样。

于 2011-07-26T15:24:25.453 回答
1 
$concurrent_names = array("O'reilly", 'Tupac "MC New York" Shakur', 'Nemoden');
$escaped_concurrent_names = array_map('mysql_real_escape_string', $concurrent_names);
$condition = 'WHERE name in ("'.implode('", "', $escaped_concurrent_names).'")';
于 2011-07-26T15:22:48.217 回答
0

使用它为内爆字符串添加引号。

$values = implode(" ',' ", array_values($values) );

于 2014-03-18T10:13:21.277 回答
-1 
$brands=array(nokia,samsung,xiomi);

$brands=implode(" ',' ",$brand);

//$brands='nokia','samsung','xiomi';

WHERE column_name IN ($brands)
于 2017-03-09T09:03:19.553 回答