我想在MySQL的插入语句中转义单引号,但我无法使其工作。
我尝试了mysqli_real_escape_string和str_replace,但仍然收到关于单引号的MySQL错误。
//Escape String
$order_details = mysqli_real_escape_string($order_details);
$customer_name = mysqli_real_escape_string($customer_name);
$address1 = mysqli_real_escape_string($address1);
$address2 = mysqli_real_escape_string($address2);
$city = mysqli_real_escape_string($city);
$phone_number = mysqli_real_escape_string($phone_number);
$province = mysqli_real_escape_string($province);
$zip = mysqli_real_escape_string($zip);
$sql ="INSERT INTO wp_wpdatatable_4_7(transid, userid, storename, orderdate, ordernumber, productname, itemcount, sellingprice, customername, address, barangay, city, province, zipcode, contactnumber)
VALUES ('" . $transid . "','" . $user_id . "','" . $store_name . "','" . $order_date . "', '" . $order_number . "', '" . $order_details . "', '" . $no_items . "', '" . $selling_price . "', '" . $customer_name . "', '" . $address2 . "', '" . $address1 . "', '" . $city . "', '" . $province . "', '" . $zip . "', '" . $phone_number . "' )";