stackoom
  简体   繁体   中英

mysqli_real_escape_string() conversion assistance

 原文  2016-10-26 03:50:47       php

Question

How would I go about converting the below strings to latest mysqli? 

for ($i = 0; $i < $num; $i++) {
            if ($i == 0)
                $nameCriteria .= " IN ('".mysql_escape_string($searchInfo->nameTokens[$i])."'";
            else
                $nameCriteria .= ",'".mysql_escape_string($searchInfo->nameTokens[$i])."'";
        }

I tried the the fix below but doesn't work. 

for ($i = 0; $i < $num; $i++) { 
            if ($i == 0) 
                $nameCriteria .= " IN ('".((isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"])) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $searchInfo->nameTokens[$i]) : ((trigger_error("Does not Work!", E_USER_ERROR)) ? "" : ""))."'"; 
            else 
                $nameCriteria .= ",'".((isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"])) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $searchInfo->nameTokens[$i]) : ((trigger_error("Does not Work!.", E_USER_ERROR)) ? "" : ""))."'"; 
        }

I also tried to use this but does not work either 

for ($i = 0; $i < $num; $i++) {
        if ($i == 0)
            $nameCriteria .= " IN ('".mysqli__real_escape_string($searchInfo->nameTokens[$i])."'";
        else
            $nameCriteria .= ",'".mysqli__real_escape_string($searchInfo->nameTokens[$i])."'";
    }

Any help would be greatly appreciated, I understand there are several other similar questions, but nothing that really helps guide me get this string fixed from original source project.

1 answers

solution1
 0  2016-10-26 04:45:19

You can make like this: 

$nameCriteria = [];
foreach ($searchInfo->nameTokens as $token) {
    $nameCriteria[] = mysqli_real_escape_string($link, $token);
}
$nameCriteria = "IN('" . join("','", $nameCriteria) . "')";

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question mysqli_real_escape_string mysqli link? mySQLI - problem with mysqli_real_escape_string mysqli_real_escape_string for int PHP:Mysqli_real_escape_string mysqli_real_escape_string in function, not working? mysqli_real_escape_string with array in php? PHP mysqli_real_escape_string argument mysqli_real_escape_string not work? mysqli_real_escape_string not escaping anything mysqli_real_escape_string AND prepared statements?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM