mysqli_real_escape_string无效[关闭]

I have looked all over the web, checked the php syntax but I can't understand why this code is not working.

  // Create connection
  $con=mysqli_connect("localhost","task_user","task","tasks");

  // Check connection
  if (mysqli_connect_errno()) {
    echo "No se puede conectar a la base de datos: " . mysqli_connect_error();
  }
  else{
    //Verificación de la información de logeo
    $username = $_POST["user"];
    $username = stripslashes($username);
    $password = $_POST["passwd"];    
    $username = $mysqli_real_escape_string($con,$username);
    //$password = $mysqli_real_escape_string($password);
    //$sqlquery = "SELECT username,password FROM users WHERE username ='$username' AND password='$password'";
  }


  echo '<script type = "text/javascript"> restoreValues("' . $_POST["user"] . '","' .  $_POST["passwd"] . '"); </script>';
  echo "ALL OK";

If I comment the mysqli_real_escape_string then it works (ALL OK is printed), if I don't it doesn't work. What am I doing wrong??

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

2条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
dongsou3041 2014-08-20 12:15
关注
you are using $ sign before function mysqli_real_escape_string

make it

$username = mysqli_real_escape_string($con,$username);

instead of

$username = $mysqli_real_escape_string($con,$username); ^ remove this
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

查看更多回答(1条)

报告相同问题？

关注问题

mysqli_real_escape_string不会插入到db中 database html mysql php
2019-03-04 10:58

回答 5 已采纳 You are wrong to pass parameters to the mysqli_real_escape_string () function before inserting the
mysqli_real_escape_string（）警告此代码[关闭] php
2015-10-02 09:32

回答 1 已采纳 Your parameters are in the wrong order, read the documentation again. For example: $username = my
mysqli_real_escape_string（）返回空字符串 mysql php
2015-11-27 13:34

回答 3 已采纳 mysqli_real_escape_string($username) is missing a required parameter The usage of mysqli_real_esc
mysqli mysql_real_escape_string_PHP mysqli_real_escape_string() 函数
2021-02-07 23:38

weixin_39719101的博客实例转义字符串中的特殊字符：$con=mysqli_connect("localhost","my_user","my_password","my_db");// Check connectionif (mysqli_connect_errno($con)){echo "Failed to connect to MySQL: " . mysqli_connect_...
php mysql_real_escape_string转换为mysqli [复制] html mysql php
2016-08-30 17:57

回答 3 已采纳 I think you want this <?php $con=mysqli_connect("localhost","my_user","my_password","my_db");
mysqli_real_escape_string无效[关闭] mysql php
2014-08-20 12:13

回答 2 已采纳 you are using $ sign before function mysqli_real_escape_string make it $username = mysqli_real_e
Mysqli_real_escape_string无法识别链接 php
2016-03-17 17:34

回答 2 已采纳 You call $link in your function but it is not defined in your function. You have to pass it as a
mysqli mysql_real_escape_string,警告：mysqli_real_escape_string（）期望参数1为mysqli，字符串给定...
2021-02-07 23:38

许传志的博客 I have a secured area of my site where I can add/update/delete database entries. I am trying to update the script from mysql to mysqli. Everything works except for the "update" part. When I fill in...
对于PHP函数mysqli_real_escape_string（），$ link的目的是什么？ php
2017-02-07 02:53

回答 2 已采纳 That's a good and very logical question. Indeed, why would we need a connection for a trifle strin
mysqli_real_escape_string（）期望参数1为mysqli，null为null mysql php
2016-07-22 16:49

回答 3 已采纳 i think you have typo in your variable, please check your $connect => $conncet variable $c
HTML表单没有将值传递给PHP（mysqli_real_escape_string） html mysql php
2015-06-15 13:45

回答 7 已采纳 Change form type="post" to method="post" Add database connection string to your mysqli_real_escap
mysqli mysql_real_escape_string_“ mysqli_real_escape_string”是否足以避免SQL注入或其他SQL攻击？...
2021-02-07 23:38

冰炭不同炉的博客 // This is a string literal whitelist switch ($sortby) { case 'column_b': case 'col_c': // If it literally matches here, it's safe to use break; default: $sortby = 'rowid'; } // Only numeric ...
在数据库中保存带单引号的字符串，不带mysqli_real_escape_string [duplicate] mysql php
2015-12-31 07:13

回答 1 已采纳 Since Im seeing so many low quality comments here, here is a rough untested answer. $query = "INS
不执行数据库查询 mysql_real_escape_string,使用mysqli_real_escape_string时查询不运行
2021-01-30 16:08

weixin_39599342的博客 I'm converting an old script to be compliant with MySQLi and ran in to an issue...$link = mysqli_connect("localhost", "user", "password", "database");if (mysqli_connect_errno()) {printf("Connect faile...
mysqli_real_escape_string() 函数
2019-04-11 10:04

冷月醉雪的博客查看更多 https://www.yuque.com/docs/share/eaca5dfb-cf45-481c-8ff0-6dbbff465125
mysql_real_escape_string c api_mysql_real_escape_string
2021-03-03 23:48

高三垃圾的博客 } if (function_exists('mysql_real_escape_string') AND is_resource($this->conn_id)) { $str = mysql_real_escape_string($str, $this->conn_id); } elseif (function_exists('mysql_escape_string')) { $str = ...
sqlilabs关于mysqli_real_escape_string函数报错的问题解决。
2022-08-30 11:28

snowman12138的博客 sqlilabs关于mysqli_real_escape_string函数报错的问题解决。
php escape的用法,PHP mysqli_real_escape_string() 函数用法及示例
2021-04-26 21:51

给你一个熊猫眼的博客 PHP mysqli_real_escape_string()...定义和用法mysqli_real_escape_string()函数用来对字符串中的特殊字符进行转义，以使得这个字符串是一个合法的 SQL 语句。传入的字符串会根据当前连接的字符集进行转义，得到一...
mysql_real_escape_string与mysqli_real_escape_string
2019-09-27 10:39

dianai7709的博客参考mysql_real_escape_stringmysqli_real_escape_string mysql_real_escape_string是用来转义字符的，主要是转义POST或GET的参数，防治SQL注入（防注入可参考PHP防SQL注入不要再用addslashes和mysql_real_escape_...
没有解决我的问题, 去提问

悬赏问题

¥60 pb数据库修改或者求完整pb库存系统，需为pb自带数据库
¥15 spss统计中二分类变量和有序变量的相关性分析可以用kendall相关分析吗？
¥15 拟通过pc下指令到安卓系统，如果追求响应速度，尽可能无延迟，是不是用安卓模拟器会优于实体的安卓手机？如果是，可以快多少毫秒？
¥20 神经网络Sequential name=sequential, built=False
¥16 Qphython 用xlrd读取excel报错
¥15 单片机学习顺序问题！！
¥15 ikuai客户端多拨vpn，重启总是有个别重拨不上
¥20 关于#anlogic#sdram#的问题，如何解决？(关键词-performance)
¥15 相敏解调 matlab
¥15 求lingo代码和思路

mysqli_real_escape_string无效[关闭]

2条回答 默认 最新

悬赏问题

2条回答默认最新