我试图在我的PHP文件之间添加一些行。 现在,PHP文件如下所示
<?php
public function helloworld($hello,$world){
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
$conn = new mysqli($servername,$username,$password,$dbname);
$sql = "SELECT hello,world from universe where hello = '$hello' and world =
'$world'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "hello: " . $row["hello"]. " - Name: " . $row["firstname"];
}
}else {
echo "0 results";
}
$conn->close();
}
?>
因此,为了使其更加安全,我需要将函数中的变量传递给MYSQLI_REAL_ESCAPE_STRING。 像这样
<?php
public function helloworld($hello,$world){
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
$conn = new mysqli($servername,$username,$password,$dbname);
$hello= mysqli_real_escape_string($conn,$hello);
$world= mysqli_real_escape_string($conn,$world);
$sql = "SELECT hello,world from universe where hello = '$hello' and world
= '$world'";
$result = $conn->query($sql);
.........
现在主要的问题是该功能需要1800个功能。我试图使用PHP编写脚本,但一无所获。 有人可以帮我吗?