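SQL Server has two escape characters:
The first escape character is the single quote (').
By default, the single quote (') is the string delimiter. If a string contains a single quote ('), it must be written as two single quotes (''); the first single quote (') is the escape character.
Example:
Below is a faulty SQL statement: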
INSERT INTO Cogs_PurchaseSale( CreateTime,UpdateTime,ApDate, Type,Change,Currency,ExchangeRate, [Date],StoreCode,ItemColor,Qty, ProfitCenter,CreditNote) SELECT getdate(), getdate(), '2019-11-01', case when LEN(isNull(sm.Type,'StockMovement'))>0 then sm.Type else 'StockMovement' end, 'Decrease', 'SYSTEM_LOCAL_CURRENCY','1', max(sm.[Date]), LEFT(sm.RecipientWarehouse,4), sm.ItemCode+sm.ColorCode, sum(sm.Qty), max(sm.ProfitCenter),max(sm.Remark) FROM Cogs_StockMovement as sm WHERE sm.APDate='2019-11-01' AND LEN(sm.RecipientWarehouse)>0 GROUP BY sm.Type, sm.RecipientWarehouse, sm.ItemCode, sm.ColorCode
I need to record this SQL statement in a table:
$failmsg=" INSERT INTO Cogs_PurchaseSale(CreateTime,UpdateTime,ApDate,Type,Change,Currency,ExchangeRate,[Date],StoreCode,ItemColor,Qty,ProfitCenter,CreditNote) SELECT getdate(), getdate(), '2019-11-01', case when LEN(isNull(sm.Type,'StockMovement'))>0 then sm.Type else 'StockMovement' end, 'Decrease', 'SYSTEM_LOCAL_CURRENCY','1', max(sm.[Date]), LEFT(sm.RecipientWarehouse,4), sm.ItemCode+sm.ColorCode, sum(sm.Qty), max(sm.ProfitCenter),max(sm.Remark) FROM Cogs_StockMovement as sm WHERE sm.APDate='2019-11-01' AND LEN(sm.RecipientWarehouse)>0 GROUP BY sm.Type, sm.RecipientWarehouse, sm.ItemCode, sm.ColorCode";
// Double every single quote in $failmsg so the text can sit inside a '...' literal
$sql="update Cogs_TaskList set FailDesc='".str_replace("'", "''", ($failmsg))."',UpdateTime='".date("Y-m-d H:i:s")."' where ID=".$id;
$res= $dbobj->query($sql);
The approach here is to use str_replace to replace each single quote with two single quotes.
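An alternative to doubling quotes by hand, given as an added example that is not part of the original post: the same UPDATE sent with bound parameters through PDO, so the quotes inside the logged statement are never parsed as SQL. The function name logTaskFailure, the use of PDO in place of the post's $dbobj, the shortened sample statement and the in-memory SQLite stand-in table are assumptions made for this example.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not from the original post): stores the text of a
// failed statement in Cogs_TaskList.FailDesc using bound parameters, so the
// value travels separately from the SQL text and needs no quote doubling.
function logTaskFailure(PDO $pdo, int $id, string $failmsg): int
{
    $stmt = $pdo->prepare(
        'UPDATE Cogs_TaskList SET FailDesc = :msg, UpdateTime = :ts WHERE ID = :id'
    );
    $stmt->bindValue(':msg', $failmsg, PDO::PARAM_STR);
    $stmt->bindValue(':ts', date('Y-m-d H:i:s'), PDO::PARAM_STR);
    $stmt->bindValue(':id', $id, PDO::PARAM_INT); // ID is typed, not concatenated
    $stmt->execute();
    return $stmt->rowCount(); // number of rows updated
}

// Constructed demo: an in-memory SQLite table stands in for the real one so
// the script runs offline. For SQL Server, create $pdo with a "sqlsrv:" DSN
// (PDO_SQLSRV driver); logTaskFailure() itself stays the same.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec(
    'CREATE TABLE Cogs_TaskList (ID INTEGER PRIMARY KEY, FailDesc TEXT, UpdateTime TEXT)'
);
$pdo->exec('INSERT INTO Cogs_TaskList (ID) VALUES (7)');

// Constructed sample: a shortened failed statement that contains single quotes.
$failmsg = "SELECT sum(sm.Qty) FROM Cogs_StockMovement as sm "
         . "WHERE sm.APDate='2019-11-01' AND sm.Type='StockMovement'";

$updated = logTaskFailure($pdo, 7, $failmsg);
$stored  = $pdo->query('SELECT FailDesc FROM Cogs_TaskList WHERE ID = 7')
               ->fetchColumn();

// Report whether one row changed and whether the stored text equals the input.
var_dump($updated === 1, $stored === $failmsg);
```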
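The other escape character is the double quote (").
When SET QUOTED_IDENTIFIER OFF is in effect, " is a string delimiter, and a " inside a string must be written as two ".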