我的PHP表单旨在将数据插入MySQL数据库。除非我的输入中有撇号,否则它工作得很好。然后,我收到了这个错误:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'fdfdf','fdfdf')' at line 2
这是我的第一个使用PHP的项目。有人可以提供如何逃避撇号的示例代码吗?
<html>
<body>
<form action="http://thefaithperspective.com/verses">
<input type="submit" value="Add Another" />
</form>
</body>
</html>
<?php
$servername = "...";
$username = "...";
$password = "...";
$dbname = "...";
$verse= $_POST['verse'];
$book= $_POST['book'];
$reference = $_POST['reference'];
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO myverses (versetext, book, reference)
VALUES ('$verse','$book','$reference')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>