Will this work?
$username = mysql_real_escape_string(isset($_POST['username'])) ? $_POST['username'] : '';
I know the ternary operator will work but what about the real escape? And how can I check for future reference if the real escape is successful?
Thanks
分享 Your code is escaping the conditional of the ternary expression not the result.
$username = mysql_real_escape_string(isset($_POST['username']) ? $_POST['username'] : '');
Move the bracket to the end of the expression then you will escape whatever the result of the ternary expression is. You could also use
$username = isset($_POST['username']) ? mysql_real_escape_string($_POST['username']) : '';
A better option is to use a function for this instead of having a bunch of huge lines of code around ie.
function escape_val($arr, $key, $default = ''){
return mysql_real_escape_string(isset($arr[$key]) ? $arr[$key] : $default);
}
$username = escape_val($_POST, 'username');
$some_other = escape_val($_POST,'key','default_value');
