問題描述

問題解答

mysql_real_escape_string是將所有帶有特殊字符進行轉義下列字符受影響：x00nr’'x1a假如你要轉義，請將查詢參數轉義了再帶入sql ，如$aid = mysql_real_escape_string('14218902787457024');$date = mysql_real_escape_string('20170302');select orderid from order where date = $date AND aid =’$aid’