问题描述

正如标题中所说，我如何知道 mysql_real_escape_string 是否正常工作而无需等待被黑客入侵?

As it says in the title , how can I tell if the mysql_real_escape_string is working how it should without waiting to be hacked ?

推荐答案

检查从中获得的值.

向它发送一些应该转义的文本，例如 Ed O'Neil(返回的应该是 Ed O''Neil 或 Ed O\'尼尔)

Send it some text that it should escape, such as Ed O'Neil (Which should come back as Ed O''Neil or Ed O\'Neil)

这篇关于如何判断 mysql_real_escape_string 是否正常工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！