我试图在数据库中放入包含单引号和双引号的字符串,但是当我以前在其上使用mysqli_escape_string()时,它会添加反斜杠。如果我没记错的话,通常在数据库中一次应该不再有反斜杠了?
$conn = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if($conn->connect_error) die('Database error : '.$conn->connect_error);
$strValue = mysqli_escape_string($conn,"a'b");
$sql = "INSERT INTO test (strValue) VALUES (?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param('s', $strValue);
$stmt->execute();
// a'b becomes a\'b in database