Can someone teach me how to sanitize a query? Should I sanitize $first_word? How do I sanitize the query below?
$question_text = sanitize($_POST['question_text']);
list($first_word) = explode(' ', $question_text);
$qStuff=mysql_query("SELECT c.field_name,t.category_name, d.domain_name FROM category_fields c, taxonomy_category t, taxonomy_domain d WHERE c.category_id = t.category_id AND t.domain_id = d.domain_id AND c.field_name = '$first_word'");
What does "sanitize" mean in this context? – deceze 2011-03-21 05:36:39
Sanitizing for PDO to prevent SQL injection – Abby 2011-03-21 05:37:26
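
The query from the question, rewritten with a PDO prepared statement so that `$first_word` is bound as data and never concatenated into the SQL text. This is an added example, not part of the original thread. It assumes the `pdo_sqlite` extension and uses an in-memory database with constructed sample rows; the function name `findFields` is hypothetical.

```php
<?php
// Constructed in-memory schema that mirrors the table and column names in the
// question; the rows are sample data for this example only.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// With the MySQL driver, also turn off emulated prepares so the server does the binding:
// $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

$pdo->exec("CREATE TABLE taxonomy_domain (domain_id INTEGER PRIMARY KEY, domain_name TEXT)");
$pdo->exec("CREATE TABLE taxonomy_category (category_id INTEGER PRIMARY KEY, category_name TEXT, domain_id INTEGER)");
$pdo->exec("CREATE TABLE category_fields (category_id INTEGER, field_name TEXT)");
$pdo->exec("INSERT INTO taxonomy_domain VALUES (1, 'science')");
$pdo->exec("INSERT INTO taxonomy_category VALUES (10, 'physics', 1)");
$pdo->exec("INSERT INTO category_fields VALUES (10, 'what')");

function findFields(PDO $pdo, string $questionText): array
{
    // Take the first whitespace-delimited token, as the question's explode() does.
    $parts = preg_split('/\s+/', trim($questionText), 2);
    $firstWord = $parts[0];
    if ($firstWord === '') {
        return []; // nothing to look up
    }
    // The SQL text is a constant; the user value travels separately as a parameter.
    $stmt = $pdo->prepare(
        'SELECT c.field_name, t.category_name, d.domain_name
           FROM category_fields c, taxonomy_category t, taxonomy_domain d
          WHERE c.category_id = t.category_id
            AND t.domain_id = d.domain_id
            AND c.field_name = :first_word'
    );
    $stmt->execute([':first_word' => $firstWord]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: an ordinary question and one whose first word carries quote characters.
$normal  = findFields($pdo, 'what is gravity');
$hostile = findFields($pdo, "x'OR'1'='1 is gravity");

// The quoted input is compared as a literal string, so it matches no field_name.
if (count($normal) !== 1 || count($hostile) !== 0) {
    throw new RuntimeException('unexpected result from bound query');
}
printf("normal: %d row(s), hostile: %d row(s)\n", count($normal), count($hostile));
```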