???????????? ???????[ 2016/11/18 11:09:24 ] ????????????? ????????
????// 1.?????????
????$conn = mysql_connect(''?? 'root'?? '518666');
????if (!$conn)
????die("Could not connect:" . mysql_error());
????// 2.????????
????mysql_select_db('mysql_safe'?? $conn);
????// 3.????????????????utf8??????utf-8?????д?????MySQL????????????????????
????mysql_query("SET NAMES utf8");
????$title = "????????";
????$content = '????/?????????"????"????&>women<a>?';
????$add_time = date("Y-m-d H:i:s");
????// ??????
????$content = mysql_real_escape_string($content);
????$content = htmlspecialchars($content?? ENT_COMPAT);
????// ????/?????????????&>women<a>? // ????????б??
????// 4.???????????
????$insert_sql = "insert into post_tbl (title?? content?? user_id?? add_time) values ('{$title}'?? '{$content}'?? '4742551'?? '{$add_time}')";
????echo 'ok';
????echo "Error : " . mysql_error();
????$ret = mysql_affected_rows();
????// 5.PDO????????
????// PDO??PHP Data Object????????????? Abstraction Layer ???????????
????// ???
????$user_id = 174742;
????$password = "''or '1=1'" ;
????$sql = "select * from post_tbl where user_id = {$user_id} and password = {$password}";
????$query = mysql_query($sql);
????// $result = mysql_fetch_array($query);
????$rows = array();
????$rows[] = $row;
????print_r( $rows);
????// ????????????
????$str = "Bill & 'Steve'";
????echo htmlspecialchars($str?? ENT_COMPAT); // ?????????
????echo "<br>";
????echo htmlspecialchars($str?? ENT_QUOTES); // ??????????????
????echo "<br>";
????echo htmlspecialchars($str?? ENT_NOQUOTES); // ??????κ?????
???????????? HTML ??????£??????????
????Bill & 'Steve'<br>
????Bill & 'Steve'<br>
????Bill & 'Steve'
????????????</a><a href="/lanqi" target="_blank" class="infotextkey">?????</a>?????
????Bill & 'Steve'
????Bill & 'Steve'
????Bill & 'Steve'
????function mforum_html_tag_to_html_entity($content)
????$content = (string)trim($content);
????if(empty($content)) return '';
????// $content = str_replace(' '?? ' '?? $content);
????$content = htmlspecialchars($content?? ENT_COMPAT?? GB2312?? false);
????$content = str_replace(">"?? ">"?? $content);
????$content = str_replace("<"?? "<"?? $content);
????$content = str_replace("""?? """?? $content);
????$content = preg_replace("/\$/"?? "$"?? $content);
????$content = preg_replace("/
/"?? ""?? $content);
????$content = str_replace("!"?? "!"?? $content);
????$content = str_replace("'"?? "'"?? $content);
????$content = preg_replace("/\/"?? ""?? $content);
????// ??????д????
????return $content;
????// PDO?????
????$dbh = new PDO('mysql:host=;dbname=mysql_safe'?? 'root'?? '518666');
????$dbh->exec('set names utf8');
????$title = "????????";
????$content = '????/?????????"????"????&>women<a>?' . " ????????'?????????'????";
????$user_id = 174742;
????$add_time = date("Y-m-d H:i:s");
????// $insert_sql = "insert into post_tbl (title?? content?? user_id?? add_time) values (:x_title?? :x_content?? :x_user_id?? :x_add_time)";
????// $stmt = $dbh->prepare($insert_sql);
????// $stmt->execute(array('x_title'=>$title??':x_content'=> $content?? ':x_user_id' => $user_id?? ':x_add_time' => $add_time));
????// ???
????$user_id = "17474#";
????// $password = "''or '1=1'";
????$password = 123456;
????$sql = 'select * from post_tbl where user_id = :x_user_id and password = :x_password';
????$stmt = $dbh->prepare($sql);
????$stmt->execute(array(':x_user_id'=>$user_id?? ':x_password' => $password));
????$rows = array();
????while($row = $stmt->fetch(PDO::FETCH_ASSOC))
????$rows[] = $row;
????// echo $dbh->lastinsertid();

2023/3/23 14:23:39???д?ò??????????
2023/3/22 16:17:39????????????????????Щ??
2022/6/14 16:14:27??????????????????????????
2021/10/18 15:37:44???????????????
2021/9/17 15:19:29???·???????·
2021/9/14 15:42:25?????????????
2021/5/28 17:25:47??????APP??????????
2021/5/8 17:01:11