for example:
<?
$connect = @mysql_connect('******','***','****');//连接数据库
$select_db = mysql_select_db('**');//选数据库
$cc = "fsdf\"asfsa'df'asd'f'sda'f'ds'f'ds'f'dsa'f'ds'f'ds'f'ds'f'ds"."<br>";
print $cc;//原始字符串
$cc = ereg_replace('\'','\\\'',$cc);
print $cc;//代替后的字符串,这里面没有代替",不知你的原始字符串是哪一种形式,里面有像单引号那样的话,得加上这一句$cc = ereg_replace('\"','\\\"',$cc);
$sql = "INSERT INTO access (userid, forumchar, accessmask) VALUES (34, '$cc', 0)";//这是我随便用的一表
$query = mysql_query($sql);
?>
<?
$connect = @mysql_connect('******','***','****');//连接数据库
$select_db = mysql_select_db('**');//选数据库
$cc = "fsdf\"asfsa'df'asd'f'sda'f'ds'f'ds'f'dsa'f'ds'f'ds'f'ds'f'ds"."<br>";
print $cc;//原始字符串
$cc = ereg_replace('\'','\\\'',$cc);
print $cc;//代替后的字符串,这里面没有代替",不知你的原始字符串是哪一种形式,里面有像单引号那样的话,得加上这一句$cc = ereg_replace('\"','\\\"',$cc);
$sql = "INSERT INTO access (userid, forumchar, accessmask) VALUES (34, '$cc', 0)";//这是我随便用的一表
$query = mysql_query($sql);
?>
$cc = ereg_replace('\\','\\\\',$cc);
$cc = 'dsfg\"sdfsdf\'sdsdfsdaf'\''afas';
你可以这样;
$cc = ereg_replace('\\\"','\"',$cc);
$cc = ereg_replace('\\\'','\'',$cc);
变成了:
$cc = 'dsfg"sdfsdf'sdsdfsdas'''afas';
没有测试,你可以按思路去测一下;