Updated: 2023-10-23 15:42:58
Don't use single quotes around your table name, use backticks (`) instead:
$query = mysql_query("SELECT * FROM `$category` WHERE title LIKE '%$search_title%'");
NB. Please make sure that $category and $search_title are not plain user-provided variables
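One way to act on that warning, as an added example that is not part of the original answer: the table name is checked against an allow-list (identifiers cannot be bound as parameters) and the search term is bound through a prepared statement. It uses PDO rather than `mysql_query`; the table names, the `search_titles` helper, the sample rows, and the in-memory SQLite database (which also accepts backtick-quoted identifiers) are assumptions made so the block runs offline.

```php
<?php
// Added example: allow-list the table name, bind the search term.
// Table names and sample rows below are constructed for illustration.

const ALLOWED_CATEGORIES = ['books', 'movies'];

function search_titles(PDO $pdo, string $category, string $searchTitle): array
{
    // Identifiers cannot be bound as parameters, so accept only known tables.
    if (!in_array($category, ALLOWED_CATEGORIES, true)) {
        throw new InvalidArgumentException('Unknown category');
    }

    // Escape LIKE wildcards so a user's % and _ match literally.
    // '!' is replaced first so the escapes added afterwards are not doubled.
    $escaped = str_replace(['!', '%', '_'], ['!!', '!%', '!_'], $searchTitle);
    $pattern = '%' . $escaped . '%';

    // $category is safe to interpolate here only because of the allow-list.
    $sql = "SELECT title FROM `$category` WHERE title LIKE :pattern ESCAPE '!'";
    $stmt = $pdo->prepare($sql);
    $stmt->execute([':pattern' => $pattern]);

    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Demo against in-memory SQLite (assumption: pdo_sqlite is available).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE `books` (title TEXT)");
$pdo->exec("INSERT INTO `books` (title)
            VALUES ('100% PHP'), ('PHP Basics'), ('O''Reilly SQL')");

// A wildcard character in the input is treated as a literal character.
print_r(search_titles($pdo, 'books', '100%'));

// A quote in the input stays data because it is bound, not concatenated.
print_r(search_titles($pdo, 'books', "O'Re"));

// A category outside the allow-list never reaches the SQL string.
try {
    search_titles($pdo, 'not_a_known_table', 'x');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```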