1 构建sql 语句
2 入库安全(sql 注入 ,csrf 攻击)
addslashes
stripslashes
htmlspecialchars
htmlspecialchars_decode
$sql1 = "<a href='1.html'> hello'diwali</a>";
$sql2 = htmlspecialchars(addslashes($sql1));
echo $sql2.PHP_EOL;
$sql3 = stripslashes(htmlspecialchars_decode($sql2));
echo $sql3