获取控制台错误:mysql_real_escape_string()在使用时被点燃数据表codeigniter

时间:2016-02-25 09:11:00

标签: codeigniter datatables

这是我得到的控制台错误 mysql_real_escape_string():不推荐使用mysql扩展,将在中删除  未来:使用mysqli或PDO代替。我在Datatable库文件中遇到这个错误。有人知道是什么问题吗?

我的控制器

import java.io.File;
import java.io.IOException;

import org.apache.http.HttpStatus;

import android.content.Context;

import com.esp.ro.util.Config;
import com.esp.ro.util.Log;
import com.squareup.okhttp.MediaType;
import com.squareup.okhttp.MultipartBuilder;
import com.squareup.okhttp.OkHttpClient;
import com.squareup.okhttp.Request;
import com.squareup.okhttp.RequestBody;
import com.squareup.okhttp.Response;


public class MultipartRequest {

public Context caller;
public MultipartBuilder builder;
private OkHttpClient client;

public MultipartRequest(Context caller) {
    this.caller = caller;
    this.builder = new MultipartBuilder();
    this.builder.type(MultipartBuilder.FORM);
    this.client = new OkHttpClient();
}

public void addString(String name, String value) {
    this.builder.addFormDataPart(name, value);
}

public void addFile(String name, String filePath, String fileName) {
    this.builder.addFormDataPart(name, fileName, RequestBody.create(
            MediaType.parse("image/jpeg"), new File(filePath)));
}

public void addTXTFile(String name, String filePath, String fileName) {
    this.builder.addFormDataPart(name, fileName, RequestBody.create(
            MediaType.parse("text/plain"), new File(filePath)));
}

public void addZipFile(String name, String filePath, String fileName)
{
    this.builder.addFormDataPart(name, fileName, RequestBody.create(
           MediaType.parse("application/zip"), new File(filePath)));
}

public String execute(String url) {
    RequestBody requestBody = null;
    Request request = null;
    Response response = null;

    int code = 200;
    String strResponse = null;

    try {
        requestBody = this.builder.build();
        request = new Request.Builder().header("AUTH-KEY", Config.API_KEY)
                .url(url).post(requestBody).build();

        Log.print("::::::: REQ :: " + request);
        response = client.newCall(request).execute();
        Log.print("::::::: response :: " + response);

        if (!response.isSuccessful())
            throw new IOException();

        code = response.networkResponse().code();

        if (response.isSuccessful()) {
            strResponse = response.body().string();
        } else if (code == HttpStatus.SC_NOT_FOUND) {
            // ** "Invalid URL or Server not available, please try again" */
            strResponse = caller.getResources().getString(
                    R.string.error_invalid_URL);
        } else if (code == HttpStatus.SC_REQUEST_TIMEOUT) {
            // * "Connection timeout, please try again", */
            strResponse = caller.getResources().getString(
                    R.string.error_timeout);
        } else if (code == HttpStatus.SC_SERVICE_UNAVAILABLE) {
            // *
            // "Invalid URL or Server is not responding, please try again",
            // */
            strResponse = caller.getResources().getString(
                    R.string.error_server_not_responding);
        }
    } catch (Exception e) {
        Log.error("Exception", e);
        Log.print(e);
    } finally {
        requestBody = null;
        request = null;
        response = null;
        builder = null;
        if (client != null)
            client = null;
        System.gc();
    }
    return strResponse;
  }
}

我的观点

public function manageuser()
        { 
             $tmpl = array ( 'table_open'  => '<table id="big_table" border="1" cellpadding="2" cellspacing="1" class="mytable">' );
            $this->table->set_template($tmpl); 

            $this->table->set_heading('First Name','Last Name','Email');

             $this->load->view('moderator/manageuser');
        }
         public function datatable()
        {

             $this->datatables
            ->select("mro_id,mro_name,mctg_name,mctg_id")
            ->from('jil_mroproducts')
            ->join('jil_mrocategory', 'jil_mroproducts.mro_category=jil_mrocategory.mctg_id', 'INNER')
           ->edit_column('mro_name', '<a href="User/edit/$1">$2</a>', 'mro_id, mro_name');
            //->unset_column('mro_id');
             echo $this->datatables->generate();      
        }

我将此代码用于数据表。

<html>
<head>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">

<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script> 
<title>Subscriber management</title>
<meta http-equiv="content-type" content="text/html;charset=UTF-8">
<link rel="stylesheet" href="<?php echo base_url();?>assets/css/datatable.css" type="text/css" media="screen"/>
<link rel="stylesheet" href="http://code.jquery.com/ui/1.10.2/themes/ui-lightness/jquery-ui.css" type="text/css" media="screen"/>   
<script type="text/javascript" src="<?php echo base_url(); ?>assets/js/jquery.dataTables.min.js"></script>
</head>
<body>
<div class="wrapper">
<script type="text/javascript">
        $(document).ready(function() {
    var oTable = $('#big_table').dataTable( {
        "bProcessing": true,
        "bServerSide": true,
        "sAjaxSource": '<?php echo base_url(); ?>moderator/User/datatable',
                "bJQueryUI": true,
                "sPaginationType": "full_numbers",
                "iDisplayStart ":20,
                "oLanguage": {
            "sProcessing": "<img src='<?php echo base_url(); ?>assets/images/ajax-loader_dark.gif'>"
        },  
        "fnInitComplete": function() {
                //oTable.fnAdjustColumnSizing();
         },
                'fnServerData': function(sSource, aoData, fnCallback)
            {
              $.ajax
              ({
                'dataType': 'json',
                'type'    : 'POST',
                'url'     : sSource,
                'data'    : aoData,
                'success' : fnCallback
              });
            }
    } );
} );
</script>
<h1>Subscriber management</h1>
<?php echo $this->table->generate(); ?>
    </div>
</body>

</html>

1 个答案:

答案 0 :(得分:1)

代码在库中使用 mysql_real_escape_string(),因此不推荐使用。

  1. 您必须从代码中删除 mysql_real_escape_string()并使用自定义代码。

  2. 否则你必须使用mysqli驱动程序进行codeigniter。 然后你可以使用mysqli_real_escape_string()。

  3. CodeIgniter switching driver from mysql --> mysqli

      

    更新:在下面添加天使解决方案。

    $sSearch =$this->ci->db->escape_like_str($this->ci->input->post('sSearch'));