我在电子邮件地址上使用 mysqli_real_escape_string(),它返回一个空字符串。它可以对任何电子邮件地址执行此操作。
<?php
//from previous page - submitted by user.
$_POST['email']="aehmlo@aehmlo.com";
$_POST['password']='mypass1234';
//Link, I can verify it works.
$mysql_info=array(
"url"=>"url",
"username"=>"username",
"password"=>"password",
"database"=>"database"
);
$link=mysqli_connect($mysql_info['url'],$mysql_info['username'],$mysql_info['password'],$mysql_info['database']);
//Now I attempt to sanitize the user input.
$email=mysqli_real_escape_string($link,$_POST['email']);
$password=sha1(mysqli_real_escape_string($link,$_POST['password']));
var_dump($email);
var_dump($password);?>
我的表格的排序规则是“latin1_swedish_ci”。
最佳答案
如果您的连接为空 ($link
),它将返回一个空字符串。我对此进行了测试,效果很好。我建议您向连接添加错误处理并启用错误报告。
<?php
$link = mysqli_connect("localhost", "root", "root", "test");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$_POST['email'] = "aehmlo@aehmlo.com";
$email = mysqli_real_escape_string($link, $_POST['email']);
var_dump($email);
mysqli_close($link);
?>
结果
string(17) "aehmlo@aehmlo.com"
关于php - mysqli_real_escape_string() 返回空字符串,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/32253041/