我有一个名为testimonials.class.php的页面,其中有一个名为Testimonial的类。这里我给出了db.php的引用,它是db config class。当我在localhost上浏览我的网站时。它完美地运作。但是当我在服务器上部署它时,它会发出以下警告
警告:mysqli_real_escape_string()期望参数1为mysqli,给定字符串。
db.php中
<?php
$con=mysqli_connect("localhost","root","","aada");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
?>
testimonial.class.php
<?php
require("db/db.php");
class Testimonial
{
private $data = array();
public function __construct($row)
{
$this->data = $row;
}
public static function validate(&$arr)
{
$errors = array();
$data = array();
// Using the filter with a custom callback function:
if(!($data['body'] = filter_input(INPUT_POST,'body',FILTER_CALLBACK,array('options'=>'Testimonial::validate_text'))))
{
$errors['body'] = 'Please enter a comment body.';
}
if(!empty($errors)){
// If there are errors, copy the $errors array to $arr:
$arr = $errors;
return false;
}
// If the data is valid, sanitize all the data and copy it to $arr:
foreach($data as $k=>$v){
$arr[$k] = mysqli_real_escape_string($v);
}
// Ensure that the email is lower case:
return true;
}
private static function validate_text($str)
{
/*
/ This method is used internally as a FILTER_CALLBACK
*/
if(mb_strlen($str,'utf8')<1)
return false;
// Encode all html special characters (<, >, ", & .. etc) and convert
// the new line characters to <br> tags:
$str = nl2br(htmlspecialchars($str));
// Remove the new line characters that are left
$str = str_replace(array(chr(10),chr(13)),'',$str);
return $str;
}
}
?>