我的代码无法将字符'插入数据库,这是用户插入像我这样的单词时出现的问题
<?php
if(!isset($_SESSION))
{
session_start();
}
$db = mysqli_connect('localhost', 'root', '', 'generator');
//initialized variables
$staffname="";
$position="";
$date="";
$report="";
$id = 0;
//call for the form information
$staffname = $_POST['staffname'];
$position = $_POST['position'];
$report =$_POST['report'];
$staffid = $_POST['staffid'];
$user_type = $_POST['user_type'];
date_default_timezone_set('Asia/Kuala_Lumpur');
$date = date('d/m/Y h:i:s a', time());
//insert into database.
mysqli_query($db, "INSERT INTO daily_report (staffname,position,
date, report, staffid , user_type)
VALUES('$staffname','$position', '$date', '$report', '$staffid',
'$user_type')");
$_SESSION['message'] = "Your report have been submitted";
header('location: daily_report.php');
?>
我能够在数据库中插入字符'