Php 如何在mysqli中转义字符串
在旧的mysql()代码中,为了转义字符串,我做了以下操作:Php 如何在mysqli中转义字符串,php,mysqli,Php,Mysqli,在旧的mysql()代码中,为了转义字符串,我做了以下操作: t.TeacherUsername = '".mysql_real_escape_string($teacherusername)."' 我正在将我的代码更改为mysqli,但为了安全起见,我想知道的是,在mysqli中转义字符串如下所示: t.TeacherUsername = '".mysqli_real_escape_string($teacherusername)."' $username="xxx"; $password
t.TeacherUsername = '".mysql_real_escape_string($teacherusername)."'
我正在将我的代码更改为mysqli,但为了安全起见,我想知道的是,在mysqli中转义字符串如下所示:
t.TeacherUsername = '".mysqli_real_escape_string($teacherusername)."'
$username="xxx";
$password="xxx";
$database="xxx";
mysqli_connect('localhost',$username,$password);
mysqli_select_db($database) or die( "Unable to select database");
连接到mysqli数据库的方式如下:
t.TeacherUsername = '".mysqli_real_escape_string($teacherusername)."'
$username="xxx";
$password="xxx";
$database="xxx";
mysqli_connect('localhost',$username,$password);
mysqli_select_db($database) or die( "Unable to select database");
我所做的就是把mysql改成mysqli,对吗
更新:
现在这是使用mysqli连接数据库的正确方法吗:
$username="xxx";
$password="xxx";
$database="mobile_app";
$mysqli = new mysqli("localhost", $username, $password, $database);
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
您对该功能的使用不正确 您必须使用
mysqli\u connect
返回的mysqli链接资源作为mysqli\u real\u escape\u字符串的第一个参数
例如:
$username="xxx";
$password="xxx";
$database="xxx";
$my = mysqli_connect('localhost',$username,$password);
mysqli_select_db($my, $database) or die( "Unable to select database");
$t->TeacherUsername = "'" . mysqli_real_escape_string($my, $teacherusername). "'";
可能重复的