需要转义搞明白
<?php $str = "Who's Bill Gates?"; echo $str . " This is not safe in a database query.<br>"; echo addslashes($str) . " This is safe in a database query."; ?>