关于php的问题,虚心请教会php的朋友 5
if(!function_exists("GetSQLValueString")){functionGetSQLValueString($theValue,$theTyp...
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysqli_real_escape_string") ? mysqli_real_escape_string($theValue) : mysqli_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
以上代码如果运行,插入的数据则全部为空白,表里只有时间,但是如果不用mysqli而是用mysql就没有这个问题,实在是解决不了了,所以来知道找找会php的朋友! 展开
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysqli_real_escape_string") ? mysqli_real_escape_string($theValue) : mysqli_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
以上代码如果运行,插入的数据则全部为空白,表里只有时间,但是如果不用mysqli而是用mysql就没有这个问题,实在是解决不了了,所以来知道找找会php的朋友! 展开
1个回答
展开全部
//这个函数大概意思就是过滤你要执行的sql,为了安全。 if (!function_exists("GetSQLValueString")) {//检查GetSQLValueString这个方法存在不,如果不存在,执行下面的逻辑 function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") //定义这个方法 { if (PHP_VERSION < 6) {//如果php版本小于6 $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;//如果get_magic_quotes_gpc方法存在,就用stripslashes方法去除反斜杠,这里主要是过滤字符。不存在就不过滤 } //mysql_real_escape_string这个方法存在,则用mysql_real_escape_string转义sql中的特殊字符,否则就用mysql_escape_string函数过滤字符 $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) {//判断类型 case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";//如果$theValue不等于空,就返回"'" . $theValue . "'",不然就复制NULL break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; }}mysql_select_db($database_conn, $conn);//使用数据库$query_Recordset1 = "SELECT * FROM bjlb";//sql语句$Recordset1 = mysql_query($query_Recordset1, $conn) or die(mysql_error());//链接数据库$row_Recordset1 = mysql_fetch_assoc($Recordset1);//解析资源$totalRows_Recordset1 = mysql_num_rows($Recordset1);//返回资源数目
追问
复制的答案,你也要看好我说的意思在回答啊mysqli和mysql,用mysql就可以正常插入,用mysqli就不行了!
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
