All symbols after "&" stripped
My query:
mysql::getInstance()->update('requests', array('response' => mysql_real_escape_string($_POST['status'])), array('secret' => $_POST['secret'])); ?>
If i wand to add string with "&" symbol, all symbols after "&" stripped.
Example: string: !"№;%:?()_+!@#$%^&()_+
in database i see only: !"№;%:?*()_+!@#$%^
How to fix this?
update function, if anyone need:
function update($table, $updateList, $whereConditions)
{
$updateQuery = '';
foreach ($updateList as $key => $newValue) {
if (!is_numeric($newValue)) {
$newValue = "'" . $newValue . "'";
}
if (strlen($updateQuery) == 0) {
$updateQuery .= '`' . $key . '` = ' . $newValue;
} else {
$upda开发者_如何学GoteQuery .= ', `' . $key . '` = ' . $newValue;
}
}
return $this->query('UPDATE ' . $table . ' SET ' . $updateQuery . $this->buildWhereClause($whereConditions));
}
UPD: echo mysql::getInstance()->getLastSQL() says:
UPDATE requests SET `response` = '!\"№;%:?*()_ !@#$%^' WHERE `secret` = '52a4ab5f7f3e8491e60b71db7d775ee2'
so, problem with function update in mysql class?
Slaks, i need to use str_replace('&', '%28', $query); ?
You're probably passing a raw &
character in the querystring, which causes everything after the &
to be parsed as second parameter by PHP. (Before it gets into your variable)
You need to escape the &
as %26
.
EDIT: You need to escape it before you send it to the server. (When you make the HTTP request)
精彩评论