21,886
社区成员
发帖
与我相关
我的任务
分享
$db = new PDO('mysql:host=localhost;dbname=test', 'root', '');
$name = 'zhangsan"';
$db->query('select * from test where name = "' . mysql_real_escape_string($name) . '"');
/*
结果:
Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'ODBC'@'localhost' (using password: NO)
Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established
$db = new PDO('mysql:host=localhost;dbname=test', 'root', '');
$name = 'zhangsan"';
$db->query('select * from test where name = "' . mysql_real_escape_string($name, $db) . '"');
/*
结果:
Warning: mysql_real_escape_string() expects parameter 2 to be resource, object given
*/