如何检索div标签和问号从MySQL在PHP

Question

如何使用PHP

我使用mysql_real_escape_string($test)成功插入div标签的MySQL来检索从MySQL div标签，但我有问题，当我从检索同一领域MySQL的使用相同mysql_real_escape_string(field)，请给解决这个...

Answer 1

使用PHP函数stripslashes(field)

Answer 2

//mysql_real_escape_string() is only used in inserting special chars like ' and " by escaping it.it puts \ before ' or " to be \' or \" 
//it is very handy also in handling injection against hackers 
//conclusion mysql_real_escape_string() only used in insert queries. 

//if you want to retrieve it from db follow this example 
$connected=mysql_connect($your_db_host,$your_db_uname,$your_db_pass); 
if(!$connected){ 
    die(mysql_error()); 
} 
mysql_select_db($your_db_name) or die(mysql_error()); 
mysql_query("SET NAMES utf8") or die(mysql_error()); 
mysql_query("SET CHARSET utf8") or die(mysql_error()); 
$sql="SELECT your_field FROM your_table WHERE id='".intval($_GET["your_id"])."' "; 
//always use intval with integers to prevent injection 
//assuming the id is in _GET array 
$results=mysql_query($sql); 
if(!$results){ 
    echo 'no data found!'; 
    //die(mysql_error()); 
}else{ 
    while($row=mysql_fetch_array($results)){ 
     echo "my filed value : ".stripslashes($row["your_field"]); 
     //stripslashes() is used to remove \" and \' ==> to be ' and " only without slashes 
     echo "<br/>"; 
     //if your field contains <html> tags or <div> the browser will understand it automatically and translates it 
    //notice if you need to echo html content in <input> field for example ==> you need to htmlentities($the_out) before print it. 
    //for example <input id='myinput' name='myinput' value='<?php echo htmlentities($row["your_field"]);?>' /> 
    //why ? because if your $row["your_field"] contains html tags within -> it will break the input structure 
    //it would be something corrupt like 
    // <input id='myinput' name='myinput' value='<div><p><strong>blablabla</strong>blablabla</p></div>' /> 
    } 
}