翻阅了一下文档，C 的 API 操作 MySQL 的时候没有参数化查询的接口，于是就简单的做一个转义，其实照着官方文档，很简单，直接附上代码

#include <stdio.h>
#include <Windows.h>
#include "mysql.h"

#define TMP_SIZE 256
#define T_SIZE 1024
#define QUERY_SIZE 4096

int insert_record() {
	// define consts
	const char db_user[] = "root";
	const char db_pwd[] = "root";
	const char db_host[] = "localhost";
	const char db_name[] = "twitter";
	unsigned int db_port = 3306;

	// define mysql vars
	MYSQL mysql;
	MYSQL_RES *mysql_res;
	MYSQL_ROW mysql_row;
	MYSQL_FIELD *mysql_field;
	char tmp[TMP_SIZE][TMP_SIZE];

	mysql_init(&mysql);
	if (mysql_real_connect(&mysql, db_host, db_user, db_pwd,
		db_name, db_port, NULL, 0) == NULL) {
			printf("connect failed: %s\n", mysql_error(&mysql));
			return -1;
	}
	mysql_set_character_set(&mysql, "utf8");

	FILE *file = fopen(
		"C:/tweets2009-06.txt", "r");
	char t_escape[T_SIZE], t_user[T_SIZE], 
		t_content[T_SIZE], t_time[T_SIZE];
	// read the total count line
	fgets(t_escape, T_SIZE, file);
	printf("%s\n", t_escape);	

	for (long long i=0; i<10000; i++) {
		// time line
		fgets(t_escape, T_SIZE, file);
		mysql_real_escape_string(&mysql, t_time, 
			t_escape+2, strlen(t_escape)-3);
		// user link line
		fgets(t_escape, T_SIZE, file);
		mysql_real_escape_string(&mysql, t_user, 
			t_escape+21, strlen(t_escape)-22);
		// content line
		fgets(t_escape, T_SIZE, file);
		mysql_real_escape_string(&mysql, t_content, 
			t_escape+2, strlen(t_escape)-3);
		// empty line
		fgets(t_escape, T_SIZE, file);

		char query[QUERY_SIZE] = {0};
		sprintf(query,
			"insert into t (user, content, time) \
			values ('%s', '%s', '%s')",
			t_user, t_content, t_time);
		//printf("%s\n", query);
		
		if (mysql_query(&mysql, query) != 0) {
			printf("query failed: %s\n", mysql_error(&mysql));
			mysql_close(&mysql);
			return -1;
		}
	}

	mysql_close(&mysql);
	return 0;
}

int main() {
	insert_record();
	return 0;
}

使用到的函数是这个，http://dev.mysql.com/doc/refma…