I made a function which has to filter the data passed into a $_GET
variable. It recently worked, but I began working with mysqli and now it's not anymore. Echoing my $data
everytime it went through a PHP function gave the result that the mysqli_real_escape_string
causing the variable $data
to return empty . But what am I doing wrong here.
My function which should filter the $_GET
variables, but the mysqli_real_escape_string
returns an empty variable..
function filter($data) {
global $link;
$data = trim(htmlentities(strip_tags($data)));
if (get_magic_quotes_gpc())
$data = stripslashes($data);
$data = mysqli_real_escape_string($link, $data);
return $data;
}
A loop in order to run all $_GET
variables trough the filter.
foreach($_GET as $key => $value) {
$get[$key] = filter($value);
}
The connection with the database (the connection does work): ( $link
)
$link=mysqli_connect(DB_HOST,DB_USER,DB_PASS,DB_NAME);
Modify your function to include $link
and pass it by reference if you like:
function filter($data, &$link) {
$data = trim(htmlentities(strip_tags($data)));
if (get_magic_quotes_gpc())
$data = stripslashes($data);
$data = mysqli_real_escape_string($link, $data);
return $data;
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.