I do not know where is the pro开发者_运维技巧blem that I can not insert > and ( into my MySQL database.

I add a addslashes($str) but this still can leave the quote mark unescaped.

Is there any string functions that can solve my problem?

Don't use addslashes(), use...

mysql_real_escape_string()

Use it every time your interpolate outside strings into a query!

...or better still, use binded parameters with something like PDO.

^{By the way, there is no reason why > and ) wouldn't be inserted into your database that I can think of. They have no meaning inside of a string, unlike \.}