NSString 中的转义字符
我遇到了一个问题。我有一个 NSString,我想将此字符串发送到服务器以插入到数据库中。但是当 NSString 是(例如)时我遇到问题:
这不是学生。
并且该字符串通过以下脚本发送到服务器端:
$value = $_POST["stringvalue"]
insert into stringtable (stringvalue) values ('$value');
由于“isn't”部分,插入查询无法运行并失败。
现在我想转义字符,这意味着“isn't”将变成“isn\'t”,以便我可以插入数据库。我想问一下该怎么办呢?
谢谢。
I have encounter a problem. I have a NSString and I would like to send this string to server to insert to database. But I have problem when NSString is (for example):
This isn't a student.
And this string is sent to server side with this script:
$value = $_POST["stringvalue"]
insert into stringtable (stringvalue) values ('$value');
Because of "isn't" part, the insert query can not run and fail.
Now I would like to escape characters, that means "isn't" will become "isn\'t" so that I can insert to database. I would like to ask how can I do it?
Thank you.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
不要依赖输入清理方法,最好仅使用参数化语句插入数据。了解有关 Bobby Tables 的更多信息,以及更具体地了解如何避免它 在 PHP 中。
输入清理的一个特殊问题是,您必须在每次插入之前执行此操作,有时可能会意外执行两次,等等。只需使用参数化语句,从长远来看会更容易。
Don't rely on input sanitation methods, it is best to insert data using only parameterised statements. Learn more about Bobby Tables and more specifically how to avoid it in PHP.
One particular problem with input sanitation is that you must do it before every insert, and sometimes it may be done twice accidentally, and so on. Simply used parameterised statements and it will be easier in the long run.
这可能会帮助您
替换“”字符NSString 带有“\”(创建 Unix 路径)
This might help you
Replace " " character in an NSString with "\ " (to create a Unix path)
我猜这是 PHP 的问题,而不是 iPhone SDK 的问题?
I guess this is a problem of PHP instead of iPhone SDK?
您可以在服务器端使用这些 PHP 方法:在
$value上添加斜杠 (addslashes)转义所有特殊字符。 addslashes
我认为这不是 iPhone 的问题。
You can use these PHP methods on the server side :
To add slashes on your
$value(addslashes)To escape all special chars. addslashes
It's not an iPhone problem I think.