Mysqli_real_escape_string无法识别链接

I am using mysqli_real_escape_string to clean my user input before inserting it into my database. I have used it before without trouble, but for some reason this time it is not recognizing my link identifier.

//Connect to mysql server
$link = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE);
if (!$link) {
    die('Failed to connect to server: ' . mysqli_error());
}

//Function to sanitize the values received from the form (prevents SQL injection)
function clean($str) {
    $str = trim($str);
    if (get_magic_quotes_gpc()) {
        $str = stripslashes($str);
    }
    $rtstr = mysqli_real_escape_string($link, $str);
    return $rtstr;
}

For some reason when I try to input information through this file, it gives me the error "Undefined variable: link" and then "mysqli_real_escape_string() expects parameter 1 to be mysqli" for every time it encounters this function.

I am very confused because everything seems to be correct, but I can't find a way around this error. Is there something I'm doing wrong here? Or is it something outside of this code causing the issue?

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

2条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
dongyang4615 2016-03-17 17:36
关注
You call $link in your function but it is not defined in your function. You have to pass it as a parameter or define it in the function.

Then, you have to call your function.

//Connect to mysql server $link = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE); if (!$link) { die('Failed to connect to server: ' . mysqli_error()); } //Function to sanitize the values received from the form (prevents SQL injection) function clean($str,$link) { $str = trim($str); if (get_magic_quotes_gpc()) { $str = stripslashes($str); } $rtstr = mysqli_real_escape_string($link, $str); return $rtstr; } clean('test',$link);
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

查看更多回答(1条)

报告相同问题？

关注问题

Mysqli_real_escape_string无法识别链接 php
2016-03-17 17:34

回答 2 已采纳 You call $link in your function but it is not defined in your function. You have to pass it as a
mysqli_real_escape_string不会插入到db中 database html mysql php
2019-03-04 10:58

回答 5 已采纳 You are wrong to pass parameters to the mysqli_real_escape_string () function before inserting the
mysqli_real_escape_string（）警告此代码[关闭] php
2015-10-02 09:32

回答 1 已采纳 Your parameters are in the wrong order, read the documentation again. For example: $username = my
mysqli mysql_real_escape_string_PHP mysqli_real_escape_string() 函数
2021-02-07 23:38

weixin_39719101的博客实例转义字符串中的特殊字符：$con=mysqli_connect("localhost","my_user","my_password","my_db");// Check connectionif (mysqli_connect_errno($con)){echo "Failed to connect to MySQL: " . mysqli_connect_...
php mysql_real_escape_string转换为mysqli [复制] html mysql php
2016-08-30 17:57

回答 3 已采纳 I think you want this <?php $con=mysqli_connect("localhost","my_user","my_password","my_db");
mysqli_real_escape_string（）返回空字符串 mysql php
2015-11-27 13:34

回答 3 已采纳 mysqli_real_escape_string($username) is missing a required parameter The usage of mysqli_real_esc
对于PHP函数mysqli_real_escape_string（），$ link的目的是什么？ php
2017-02-07 02:53

回答 2 已采纳 That's a good and very logical question. Indeed, why would we need a connection for a trifle strin
mysqli mysql_real_escape_string,警告：mysqli_real_escape_string（）期望参数1为mysqli，字符串给定...
2021-02-07 23:38

许传志的博客 I have a secured area of my site where I can add/update/delete database entries. I am trying to update the script from mysql to mysqli. Everything works except for the "update" part. When I fill in...
mysqli_real_escape_string（）期望参数1为mysqli，null为null mysql php
2016-07-22 16:49

回答 3 已采纳 i think you have typo in your variable, please check your $connect => $conncet variable $c
HTML表单没有将值传递给PHP（mysqli_real_escape_string） html mysql php
2015-06-15 13:45

回答 7 已采纳 Change form type="post" to method="post" Add database connection string to your mysqli_real_escap
php mysqli我应该使用real_escape_string吗？ [重复] php
2012-11-18 15:48

回答 2 已采纳 According to PHP Manual on mysqli and prepared statements: Escaping and SQL injection Bou
mysqli mysql_real_escape_string_“ mysqli_real_escape_string”是否足以避免SQL注入或其他SQL攻击？...
2021-02-07 23:38

冰炭不同炉的博客小编典典有人可以告诉我它是否安全或是否容易受到SQL Injection攻击或其他SQL攻击吗？...对于无法使用准备好的语句(例如LIMIT)的情况，针对每个特定目的使用非常严格的白名单是保证安全的唯一方法。//...
mysqli_real_escape_string无效[关闭] mysql php
2014-08-20 12:13

回答 2 已采纳 you are using $ sign before function mysqli_real_escape_string make it $username = mysqli_real_e
不执行数据库查询 mysql_real_escape_string,使用mysqli_real_escape_string时查询不运行
2021-01-30 16:08

weixin_39599342的博客 I'm converting an old script to be compliant with MySQLi and ran in to an issue...$link = mysqli_connect("localhost", "user", "password", "database");if (mysqli_connect_errno()) {printf("Connect faile...
php escape的用法,PHP mysqli_real_escape_string() 函数用法及示例
2021-04-26 21:51

给你一个熊猫眼的博客 PHP mysqli_real_escape_string() 函数用法及示例mysqli_real_escape_string()函数根据当前连接的字符集，对于 SQL 语句中的特殊字符进行转义。定义和用法mysqli_real_escape_string()函数用来对字符串中的特殊字符...
sqlilabs关于mysqli_real_escape_string函数报错的问题解决。
2022-08-30 11:28

snowman12138的博客 sqlilabs关于mysqli_real_escape_string函数报错的问题解决。
mysqli_real_escape_string() 函数
2019-04-11 10:04

冷月醉雪的博客查看更多 https://www.yuque.com/docs/share/eaca5dfb-cf45-481c-8ff0-6dbbff465125
php mysql_real_escape_string函数用法与实例教程
2021-01-20 00:35

语法mysql_real_escape_string(string,connection) 参数描述 string 必需。规定要转义的字符串。 connection 可选。规定 MySQL 连接。如果未规定，则使用上一个连接。说明本函数将 string 中的特殊字符转义...
mysql_real_escape_string c api_mysql_real_escape_string
2021-03-03 23:48

高三垃圾的博客 } if (function_exists('mysql_real_escape_string') AND is_resource($this->conn_id)) { $str = mysql_real_escape_string($str, $this->conn_id); } elseif (function_exists('mysql_escape_string')) { $str = ...
没有解决我的问题, 去提问

悬赏问题

¥15 求螺旋焊缝的图像处理
¥15 blast算法（相关搜索：数据库）
¥15 请问有人会紧聚焦相关的matlab知识嘛？
¥15 网络通信安全解决方案
¥50 yalmip+Gurobi
¥20 win10修改放大文本以及缩放与布局后蓝屏无法正常进入桌面
¥15 itunes恢复数据最后一步发生错误
¥15 关于#windows#的问题：2024年5月15日的win11更新后资源管理器没有地址栏了顶部的地址栏和文件搜索都消失了
¥100 H5网页如何调用微信扫一扫功能？
¥15 讲解电路图，付费求解

Mysqli_real_escape_string无法识别链接

2条回答 默认 最新

悬赏问题

2条回答默认最新