SQL sentence get from table,sentence中有变量,无法执行
SQL sentence get from table,have variable in sentence,can't execute
我有一个 table 保存一些 sql 句子。
例如:
value:`select * from table where aa='".$test."'`
<?php
$test="bbb";
$strsql=$row["sql"];
echo $strsql;
//result is :select * from table where aa='".$test."'
?>
但我想要:select * from table where aa='bbb'
帮帮我
谢谢!!
您可以使用 eval 来做到这一点:(将字符串计算为 PHP 代码)
$test = "bbb";
$strsql = 'select * from table where aa=\'".$test."\''; // as $row["sql"];
eval("$strsql = \"$strsql\";");
echo $strsql;
你应该像
一样使用explode函数
$test="bbb";
$data=explode("=",$strsql);
$new_query=$data[0]."='$test'"
您可以使用 eval() 函数,但我想您是编码新手,并且 eval() 函数非常危险。
根据 PHP 手册
Caution The eval() language construct is very dangerous because it
allows execution of arbitrary PHP code. Its use thus is discouraged.
If you have carefully verified that there is no other option than to
use this construct, pay special attention not to pass any user
provided data into it without properly validating it beforehand.
我有一个 table 保存一些 sql 句子。
例如:
value:`select * from table where aa='".$test."'`
<?php
$test="bbb";
$strsql=$row["sql"];
echo $strsql;
//result is :select * from table where aa='".$test."'
?>
但我想要:select * from table where aa='bbb'
帮帮我 谢谢!!
您可以使用 eval 来做到这一点:(将字符串计算为 PHP 代码)
$test = "bbb";
$strsql = 'select * from table where aa=\'".$test."\''; // as $row["sql"];
eval("$strsql = \"$strsql\";");
echo $strsql;
你应该像
一样使用explode函数$test="bbb";
$data=explode("=",$strsql);
$new_query=$data[0]."='$test'"
您可以使用 eval() 函数,但我想您是编码新手,并且 eval() 函数非常危险。
根据 PHP 手册
Caution The eval() language construct is very dangerous because it allows execution of arbitrary PHP code. Its use thus is discouraged. If you have carefully verified that there is no other option than to use this construct, pay special attention not to pass any user provided data into it without properly validating it beforehand.