我正在使用此代码将数据发送到 mysql 数据库,尽管用户发送空白数据并进行复制,但它运行良好。
<?php
require "conn.php";
$lostidno = $_POST ["lostidno"];
$phonenol = $_POST ["phonenol"];
$mysql_qry = "INSERT INTO lostdb.lost (lostidno, phonenol) VALUES ('$lostidno', '$phonenol')";
if ($conn->query($mysql_qry) === TRUE)
{
echo "Information Recieved!";
}
else
echo "Sorry! An Error Occured:" . $mysql_qry . "br" . $conn->error;
$conn->close();
?>
如何防止这种情况?
最佳答案
您可以使用trim
函数去除字符串开头和结尾的空格。之后您可以检查这两个参数是否不为空:
<?php
require "conn.php";
$lostidno = trim($_POST["lostidno"]);
$phonenol = trim($_POST["phonenol"]);
if(!empty($lostidno) && !empty($phonenol))
{
$mysql_qry = "INSERT INTO lostdb.lost (lostidno, phonenol) VALUES ('$lostidno', '$phonenol')";
if ($conn->query($mysql_qry) === TRUE) {
echo "Information Recieved!";
}
else {
echo "Sorry! An Error Occured:" . $mysql_qry . "br" . $conn->error;
}
$conn->close();
}
?>
您还应该看看 this防止SQL injections .
关于php - 如何使用php转义mysql空白和重复数据,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/39369628/