百科狗SQLite3::escapeString() - sqlite3数据库类
SQLite3::escapeString()
(PHP 5 >= 5.3.0, PHP 7)
Returns a string that has been properly escaped
说明
publicstaticSQLite3::escapeString(string $value): stringReturns a string that has been properly escaped for safe inclusion in an SQL statement.
Warning此函数(还)不能安全地适用于二进制对象!
To properly handle BLOB fields which may contain NUL characters, use SQLite3Stmt::bindParam() instead.
参数
$valueThe string to be escaped.
返回值
Returns a properly escaped string that may be used safely in an SQL statement.
注释
Warningaddslashes() shouldNOTbe used to quote your strings for SQLite queries; it will lead to strange results when retrieving your data.
Be careful if the string contains "\0" char. see: https://bugs.php.net/bug.php?id=63419
The reason this function doesn't escape double quotes is because double quotes are used with names (the equivalent of backticks in MySQL), as in table or column names, while single quotes are used for values. This is important to remember, especially coming from another SQL implementation. It can cause strange problems, for example, the query: SELECT * FROM table WHERE column1="column1" Would actually return every record, because column1 is always equal to column1. This should instead be: SELECT * FROM table WHERE column1='column1' Double quotes are not escaped by the function because they are not interpreted specially within single quoted strings.
鹏仔微信 15129739599 鹏仔QQ344225443 鹏仔前端 pjxi.com 共享博客 sharedbk.com
免责声明:我们致力于保护作者版权,注重分享,当前被刊用文章因无法核实真实出处,未能及时与作者取得联系,或有版权异议的,请联系管理员,我们会立即处理! 部分文章是来自自研大数据AI进行生成,内容摘自(百度百科,百度知道,头条百科,中国民法典,刑法,牛津词典,新华词典,汉语词典,国家院校,科普平台)等数据,内容仅供学习参考,不准确地方联系删除处理!邮箱:344225443@qq.com)
图片声明:本站部分配图来自网络。本站只作为美观性配图使用,无任何非法侵犯第三方意图,一切解释权归图片著作权方,本站不承担任何责任。如有恶意碰瓷者,必当奉陪到底严惩不贷!
内容声明:本文中引用的各种信息及资料(包括但不限于文字、数据、图表及超链接等)均来源于该信息及资料的相关主体(包括但不限于公司、媒体、协会等机构)的官方网站或公开发表的信息。部分内容参考包括:(百度百科,百度知道,头条百科,中国民法典,刑法,牛津词典,新华词典,汉语词典,国家院校,科普平台)等数据,内容仅供参考使用,不准确地方联系删除处理!本站为非盈利性质站点,本着为中国教育事业出一份力,发布内容不收取任何费用也不接任何广告!)
相关文章
