I have been trying to insert a directory Path into a mySQL table (reportPath column). The inserting works OK but the directory separator is ignored on insert. E.g A path of D:\public_html\Testman\config is inserted as D:public_htmlTestmanconfig. What am I missing?
Below is my code
<?php
include "config.php" ;
$dir = "csvreports";
$files = scandir($dir);
$fLocation=dirname(__FILE__).DIRECTORY_SEPARATOR;
foreach ($files as $key => $value)
{
if (substr($value, -4) == ".CSV" )
{
mysql_query("INSERT INTO tableReports (repor开发者_如何学运维tPath, reportName) VALUES('$fLocation.$value','$value')");
}
}
?>
You forgot to escape the slashes:
$sql = sprintf("INSERT INTO tableReports (reportPath, reportName) VALUES('%s','%s')",
mysql_real_escape_string($fLocation.$value),
mysql_real_escape_string($value)
);
mysql_query($sql);
Escape the data before inserting it into the database: mysql_real_escape_string
mysql_query("
INSERT INTO tableReports (reportPath, reportName)
VALUES(
'". mysql_real_escape_string($fLocation.$value) ."',
'". mysql_real_escape_string($value) ."'
)
");
When using Windows, the DIRECTORY_SEPARATOR is set to \ (backslash). But backslash is a special character in PHP, which causes PHP to interpret the next subsequent character as a special character (a character with another meaning). So you can use addslashes() to escape the backslash characters.
However, you'd better use mysql_real_escape_string().
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论