替换 mySQL 中包含引号的单词时出错
我已经更新了许多记录,但是当涉及到包含引用的单词时,我收到此错误:“错误:未关闭的引用@ 1357”
我知道为什么它给我这个错误,我只是不知道如何解决它。
这是一个示例: UPDATE invnum SET cAccountName = Replace(cAccountName,'JOHN'S','BEN')
提前致谢。
I have updated many records already, but when it came to a word that contains a quote I get this error: "ERROR: Unclosed quote @ 1357"
I know why it's giving me this error, I just don't how to solve it.
Here's a sample:
UPDATE invnum SET cAccountName = replace(cAccountName,'JOHN'S','BEN')
Thanks in advance.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
在字符串中转义引号:
你要非常小心这一点 - 没有正确处理这一点是 SQL注入攻击,是安全问题的一个主要来源。
Escape quotes inside strings:
You want to be really careful with this - not dealing with this properly is the source of SQL injection attacks, and is a major source of security problems.
如果您使用脚本来更新记录,请使用内置转义函数。对于 php,这将是 mysql_real_escape_string
if you’re using a script to update your records use a builtin escaping function. for php that would be mysql_real_escape_string
尝试这样做:
如果您需要在字符串中使用两种类型的引号,那么当它们出现在字符串中时,您需要对用于包围字符串的引号类型进行转义(否则 SQL 解释器会认为字符串在之前结束)它确实如此。
例如:
等等。
Try this instead:
If you need to use both types of quotes within a string, then you'll need to escape the type of quotes you use to surround the string when they occur within it (otherwise the SQL interpreter will think the string ends before it actually does.
For instance:
et cetera.