Codeigniter使用MYSQLI转义字符串
[英]Codeigniter using MYSQLI escape string
问题描述
I am currently updating a section of code that uses mysql currently the escape string is structured like this: $product_name = mysql_real_escape_string(trim($_POST['product_name'])); 
我当前正在更新一段使用mysql的代码,当前转义字符串的结构如下: $product_name = mysql_real_escape_string(trim($_POST['product_name'])); and works fine. 并且工作正常。
My issue is when I change the above string to $product_name = mysqli_real_escape_string($database, (trim($_POST['product_name']))); 我的问题是当我将上面的字符串更改为$product_name = mysqli_real_escape_string($database, (trim($_POST['product_name']))); and declare the following: $database = $this->load->database(); 并声明以下内容: $database = $this->load->database(); above it I get the error that its NULL 在它上面我得到的错误是它的NULL
How do I escape a string with CI? 如何使用CI来转义字符串?
2 个解决方案
解决方案1
0 2013-06-16 00:39:10
You use 你用
$this->db->query("select ?",array("value")); $ this-> db-> query(“ select?”,array(“ value”)));
Where each ? 每个在哪里? In thee select is the variable you want escaped 在您中选择要转义的变量
解决方案2
0 已采纳 2013-06-16 01:49:01
CodeIgniter user manual wrote the following. CodeIgniter 用户手册写道:
Beyond simplicity, a major benefit to using the Active Record features is that it allows you >to create database independent applications, since the query syntax is generated by each >database adapter.
You can use Input class in your controller. 您可以在控制器中使用Input类。
$this->load->model('mymodel');
$something = $this->input->post('something');
$results = $this->mymodel->mymethod($something);
In your model 在您的模型中
$this->db->insert('mytable', $data);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.