问题描述

我在电子邮件地址上使用mysqli_real_escape_string()，它返回一个空字符串.它会使用任何电子邮件地址进行此​​操作.

I'm using mysqli_real_escape_string() on an email address, and it returns an empty string. It does this with any email address.

<?php
//from previous page - submitted by user.
$_POST['email']="[email protected]";
$_POST['password']='mypass1234';




//Link, I can verify it works.
$mysql_info=array(
     "url"=>"url",
     "username"=>"username",
     "password"=>"password",
     "database"=>"database"
);
$link=mysqli_connect($mysql_info['url'],$mysql_info['username'],$mysql_info['password'],$mysql_info['database']);


//Now I attempt to sanitize the user input.
$email=mysqli_real_escape_string($link,$_POST['email']);
$password=sha1(mysqli_real_escape_string($link,$_POST['password']));
var_dump($email);
var_dump($password);?>

我表的排序规则是"latin1_swedish_ci".

My table's collation is "latin1_swedish_ci".

推荐答案

如果您的连接为空($link)，它将返回一个空字符串.我对此进行了测试，并且效果很好.我建议您在连接中添加错误处理并启用错误报告.

If your connection is empty ($link), it will return an empty string. I tested this and it worked fine. I would recommend that you add error handling to your connection and enable error reporting.

<?php
$link = mysqli_connect("localhost", "root", "root", "test");

/* check connection */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

$_POST['email'] = "[email protected]";

$email = mysqli_real_escape_string($link, $_POST['email']);

var_dump($email);

mysqli_close($link);
?>

结果

string(17) "[email protected]"

这篇关于mysqli_real_escape_string()返回空字符串的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！