我试图将mysql_real_escape_string()转换为mysqli并一直在尝试:
$mysqli->real_escape_string($this->email);
然而,这会出现错误并且似乎不起作用。错误:
Undefined variable: mysqli in..
...其中涉及此行:$mysqli->real_escape_string($this->name),
有关如何在我的设置中使用此功能的任何建议?
class registerForm {
var $name;
var $email;
function registerContactFormular(){
}
function init() {
//some different init stuff
return true;
}
function save() {
if(isset($_REQUEST['field'])) {
$sql = sprintf("
INSERT INTO contact (
name,
email)
VALUES ('%s','%s','%s)",
mysqli_real_escape_string($this->name),
mysqli_real_escape_string($this->email));
$res = mysql_query($sql) or die( mysql_error());
}
if($res) {
return true;
}
}
}