
mysqli_real_escape_string not working?

if($_SESSION['s_logged_n'] == 'true'){
    $server = $panel->real_escape_string($_GET['ip']);
    $dn = $panel->real_escape_string($_GET['newname']);
    $query = $panel->query(
        "UPDATE `Registered` SET `displayname` = '$dn' WHERE `owner`='".$_SESSION['s_username']."' AND `server`='$server'"
    );
}

Above is the code that I am using. $panel is a connection to the database, which works. I've been banging my head for hours working with this stuff in order to try and escape the quotes.

You are not using mysqli_real_escape_string; you are using the method real_escape_string that belongs to the object $panel. Now, if that is just another name for mysqli_real_escape_string, then it is not used to "strip" quotes; it is used to make a legal SQL query. Quotes are not an illegal entity. I would suggest simply str_replace() if you want to specifically target quotations.

EDIT

jeroen beat me in the comments :p
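
The UPDATE from the question written as a mysqli prepared statement, so that no value is spliced into the SQL text and the real_escape_string calls become unnecessary. This is an added example, not code from the original posts; the connection credentials and the function name rename_server are assumptions, while the table, column and session key names are taken from the question.

```php
<?php
// Added example: the question's UPDATE with bound parameters instead of escaping.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on any mysqli error

// Assumption: placeholder credentials. The question only says $panel is a working connection.
$panel = new mysqli('localhost', 'db_user', 'db_password', 'db_name');
$panel->set_charset('utf8mb4');

session_start();

// Hypothetical helper. Returns the number of rows the UPDATE changed.
function rename_server(mysqli $panel, string $owner, string $server, string $newName): int
{
    // The SQL text is constant; each ? is sent to the server as data, never parsed as SQL.
    $stmt = $panel->prepare(
        'UPDATE `Registered` SET `displayname` = ? WHERE `owner` = ? AND `server` = ?'
    );
    // 'sss' = three string parameters, in the order of the placeholders.
    $stmt->bind_param('sss', $newName, $owner, $server);
    $stmt->execute();
    $affected = $stmt->affected_rows;
    $stmt->close();
    return $affected;
}

// Same login check as the question, plus a check that both inputs are present
// and are strings (a query string like ?ip[]=x would otherwise pass an array).
if (($_SESSION['s_logged_n'] ?? '') == 'true'
    && isset($_GET['ip'], $_GET['newname'])
    && is_string($_GET['ip']) && is_string($_GET['newname'])) {
    // The session username is bound as well; the original concatenated it unescaped.
    $rows = rename_server($panel, $_SESSION['s_username'], $_GET['ip'], $_GET['newname']);
    // 0 rows means no row matched or the name was already set to this value.
    echo $rows === 1 ? 'updated' : 'no row changed';
}
```

A display name such as O'Brien is stored exactly as typed, quote included. If the name is later printed into HTML, encode it at that point with htmlspecialchars() rather than stripping characters before storage.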
