douwu8524 2015-08-28 17:00
浏览 22
已采纳

为什么我们应该在登录中使用mysqli_real_escape_string()和stripslashes()函数并注册php文件

1- Why we should use the mysqli_real_escape_string() and the stripslashes() functions in a register and login php files?

2- Does these functions change the contents of the fields? If the answer is yes as the result the contents of the fields such as the username will change and the next time if the user want to login with his/her username It can not, because the contents of the username has been changed already, for example at the time of the registering in a website and now and as the result it can not login to the website because the contents of the fields such as the username has been changed by the the mysqli_real_escape_string() and the stripslashes() functions.

I have two ambiguity in the above questions.

  • 写回答

1条回答 默认 最新

  • douduan6731 2015-08-28 17:09
    关注

    Using these functions makes your site less vulnerable to SQL injection attacks, where an attacker puts SQL syntax into a form field to compromise your site. mysqli_real_escape_string() "escapes" special characters so that MySQL interprets them as literal string characters rather than operators in the query.

    These functions only affect characters that are important to SQL commands, and will not affect legitimate input, while foiling nefarious users.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥50 求解vmware的网络模式问题 别拿AI回答
  • ¥24 EFS加密后,在同一台电脑解密出错,证书界面找不到对应指纹的证书,未备份证书,求在原电脑解密的方法,可行即采纳
  • ¥15 springboot 3.0 实现Security 6.x版本集成
  • ¥15 PHP-8.1 镜像无法用dockerfile里的CMD命令启动 只能进入容器启动,如何解决?(操作系统-ubuntu)
  • ¥30 请帮我解决一下下面六个代码
  • ¥15 关于资源监视工具的e-care有知道的嘛
  • ¥35 MIMO天线稀疏阵列排布问题
  • ¥60 用visual studio编写程序,利用间接平差求解水准网
  • ¥15 Llama如何调用shell或者Python
  • ¥20 谁能帮我挨个解读这个php语言编的代码什么意思?