mysql_real_escape_string（）發生ristriction查看在文本區域谷歌地圖

Question

我貼上谷歌地圖代碼

<iframe width="186" height="186" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" src="http://maps.google.com/maps?f=d&source=s_d&saddr=NIPA,+Karachi,+Pakistan&daddr=&hl=en&geocode=FXg3fAEd6dH_AyF_rsIkOA6mpg&aq=&sll=24.91788,67.097065&sspn=0.007414,0.009645&vpsrc=0&mra=ls&ie=UTF8&t=m&ll=24.91788,67.097065&spn=0.007414,0.009645&output=embed"></iframe> 
<br /> 
<small><a href="http://maps.google.com/maps?f=d&source=embed&saddr=NIPA,+Karachi,+Pakistan&daddr=&hl=en&geocode=FXg3fAEd6dH_AyF_rsIkOA6mpg&aq=&sll=24.91788,67.097065&sspn=0.007414,0.009645&vpsrc=0&mra=ls&ie=UTF8&t=m&ll=24.91788,67.097065&spn=0.007414,0.009645" style="color:#0000FF;text-align:left">View Larger Map</a></small> </div> 

，並使用mysql_real_escape_string(trim($_POST'map']))

但是從MySQL表取回來它不顯示，因爲地圖SQL注入保護功能即：mysql_real_escape_string（），如：

<iframe width=\"186\" height=\"186\" frameborder=\"0\" scrolling=\"no\" marginheight=\"0\" marginwidth=\"0\" src=\"http://maps.google.com/maps?f=d&source=s_d&saddr=NIPA,+Karachi,+Pakistan&daddr=&hl=en&geocode=FXg3fAEd6dH_AyF_rsIkOA6mpg&aq=&sll=24.91788,67.097065&sspn=0.007414,0.009645&vpsrc=0&mra=ls&ie=UTF8&t=m&ll=24.91788,67.097065&spn=0.007414,0.009645&output=embed\"></iframe> 
<br /> 
<small><a href=\"http://maps.google.com/maps?f=d&source=embed&saddr=NIPA,+Karachi,+Pakistan&daddr=&hl=en&geocode=FXg3fAEd6dH_AyF_rsIkOA6mpg&aq=&sll=24.91788,67.097065&sspn=0.007414,0.009645&vpsrc=0&mra=ls&ie=UTF8&t=m&ll=24.91788,67.097065&spn=0.007414,0.009645\" style=\"color:#0000FF;text-align:left\">View Larger Map</a></small> </div> 

.............！

Answer 1

嘗試在顯示字符串之前對字符串應用stripslashes()。

Answer 2

問題是您已啓用magic-quotes。
這是php中的一個重大錯誤（並且會在版本5.something中被取消）。
在很多舊的設置中，它仍然處於啓用狀態，禁用它是個好主意，因爲它不會增加任何安全性，但是確實會增加許多麻煩。

如果（且只有）您無法禁用它，則可以在執行mysql_real_escape_string之前使用stripslashes()。