[英]mysqli_real_eascape_string gives error
I have a problem with mysql real escape string. 我对mysql真正的转义字符串有问题。
<?php
// Create connection
$con=mysqli_connect("localhost","xxxx","xxxx","xxxx");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
else{ echo"connected";}
?>
Now it echos connection. 现在它回显连接。 so this works fine.
所以这很好。 (I tried adding stuff into the db and that also works fine.
(我尝试将内容添加到数据库中,并且也可以正常工作。
Now I try to do a mysqli_real_escape_string like this: 现在,我尝试像这样执行mysqli_real_escape_string:
$email_address = $con->mysqli_real_escape_string($_POST['email']);
But this gives me a error: 但这给我一个错误:
Fatal error: Call to undefined method mysqli::mysql_escape_string() in Blabla/blabla.php on line 15
致命错误:在第15行的Blabla / blabla.php中调用未定义的方法mysqli :: mysql_escape_string()
(the line where I call the escape string) (我称之为转义字符串的行)
Anyone has any idea what I'm doing wrong? 有人知道我在做什么错吗?
Because you don't have your sql in your question here 2 examples: 因为您在这里的问题中没有sql,所以这里有两个示例:
Object oriented style 面向对象的风格
$city = $mysqli->real_escape_string($city);
or the procedural style 或程序样式
$city = mysqli_real_escape_string($link, $city);
For more information see this: php.net/mysqli_real_escape_string 有关更多信息,请参见: php.net/mysqli_real_escape_string
Also see Prepare statements this is better than mysqli_real_escape_string
php.net/manual/en/mysqli.prepare.php 另请参见“准备语句”,它比
mysqli_real_escape_string
更好mysqli_real_escape_string
manual/ mysqli_real_escape_string
mysqli.prepare.php
Change to: 改成:
$email_address = $con->real_escape_string($_POST['email']);
Check the manual: http://php.net/mysqli_real_escape_string 检查手册: http : //php.net/mysqli_real_escape_string
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.