示例#1
0
 function sql_update($tab, $row, $where)
 {
     $row = addslashes_str($row);
     foreach ($row as $key => $value) {
         $sqlud .= $key . "= '" . $value . "',";
     }
     return "UPDATE `" . $tab . "` SET " . substr($sqlud, 0, -1) . " WHERE " . $where;
 }
/**
 * addslashes过滤,插入数据库,带有html字符串的数据
 * @param string|array $str 可以是数组或字符串
 * @return string|array
 * @author owen 2008-6-13
 */
function addslashes_str($str)
{
    if (is_array($str)) {
        foreach ($str as $id => $value) {
            $str[$id] = addslashes_str($value);
        }
    } else {
        $str = addslashes($str);
    }
    return $str;
}