dongyue5686 2010-10-20 22:56
浏览 36
已采纳

从PHP框架中转义MySQL中的字符

I was wondering if when using the database library in Codeigniter there was a way to automatically escape all the inputs to prevent injection. I know I can use mysql_real_escape_string() to do it, but I wondered it this was already setup to do this automatically, if not are there any frameworks that have this included?

Thanks!

  • 写回答

3条回答 默认 最新

  • duanna1407 2010-10-20 23:23
    关注

    In order to use prepared statements, you can simply use query bindings with CodeIgniter.

    $query = 'SELECT id, name FROM user WHERE name = ?';
    $bind = array('Jake');
    $this->db->query($query, $bind);
    

    More info found here.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 求一下解题思路,完全不懂
  • ¥15 tensorflow
  • ¥15 densenet网络结构中,特征以cat方式复用后是怎么进行误差回传的
  • ¥15 STM32G471芯片spi设置了8位,总是发送16位
  • ¥15 R语言并行计算beta-NTI中tree文件的类型
  • ¥15 如何解读marsbar导出的ROI数据?
  • ¥20 求友友协助弄一下基于STC89C52单片机的声光控制灯原理图
  • ¥15 arduino双向交通灯设计
  • ¥15 有没有会粒子群算法的大能(○゜ε^○)求带不会出收敛图😭
  • ¥15 Matlab读取根元素出错