问题描述
|
解决方法
MySQL不会在乎用户名或密码中的字符,除非您没有正确构建查询:
$password = $_POST[\'password\'];
$username = $_POST[\'username\'];
$quoted_pass = mysql_real_escape_string($password);
$quoted_user = mysql_real_escape_string($username);
$sql = \"INSERT INTO users (username,password) VALUES (\'$quoted_pass\',\'$quoted_user\');
$result = mysql_query($sql) or die(mysql_error());
if (mysql_affected_rows($result) != 1) {
die(\"User record not created\");
}