我的原始代码:
defined('_VALID') or die('Restricted Access!');
define('DEFAULT_CATEGORY', 1);
require $config['BASE_DIR'].'/include/config.aemembedder.php';
Auth::checkAdmin();
$source = [
'website' => '',
'url' => '',
'username' => 'anonymous',
'uid' => 1,
'category' => '0'
];
$categories = get_categories();
if (isset($_POST['add_source'])) {
require $config['BASE_DIR'].'/classes/filter.class.php';
require $config['BASE_DIR'].'/classes/validation.class.php';
$filter = new VFilter();
$valid = new VValidation();
$url = $filter->get('url');
$username = $filter->get('username');
$category = $filter->get('category');
$source['url'] = $url;
$source['username'] = $username;
if ($url == '') {
$errors[] = 'URL field cannot be left blank!';
$err['url'] = 1;
} else {
$parts = explode('/', str_replace(array('http://www.', 'http://', 'https://www.', 'https://'), '', $url));
if (isset($parts['0'])) {
$site = $parts['0'];
if (!isset($sites[$site])) {
$errors[] = 'Invalid url! Supported sites: '.implode(', ', $sites).'!';
$err['url'] = 1;
} else {
$source['website'] = $sites[$site];
}
} else {
$errors[] = 'Failed to get site identifier from url!';
$err['url'] = 1;
}
}
if ($username == '') {
$errors[] = 'Username field cannot be left blank!';
$err['username'] = 1;
} else {
$rs = $conn->execute("
SELECT UID
FROM signup
WHERE username = '".mysqli_real_escape_string($username)."'
LIMIT 1
");
if (!$conn->Affected_Rows()) {
$errors[] = 'Username is not a valid username on this system!';
$err['username'] = 1;
} else {
$source['uid'] = (int) $rs->fields['UID'];
}
}
我收到此错误:
警告:mysqli_real_escape_string()恰好需要2个参数,给定1个
我更改了这一行:
$rs = $conn->execute("
SELECT UID
FROM signup
WHERE username = '".mysqli_real_escape_string($username)."'
LIMIT 1
");
对此:
$rs = $conn->execute("
SELECT UID
FROM signup
WHERE username = '".mysqli_real_escape_string($conn, $username)."'
LIMIT 1
");
现在我收到此错误:
警告:mysqli_real_escape_string()期望参数1为mysqli
如何解决?