第一个问题是我的代码是否安全第二个是向我显示警告
警告:mysqli_stmt :: bind_param():变量数量不匹配 第55行的准备好的语句中的参数数量
我仔细检查了所有参数,但无法解决此错误,我的代码在下面
if(isset($_POST['submit'])){
$host= filter_var(mysqli_real_escape_string($con,$_POST['host']), FILTER_SANITIZE_STRING);
$sec= filter_var(mysqli_real_escape_string($con,$_POST['security']), FILTER_SANITIZE_STRING);
$port= filter_var(mysqli_real_escape_string($con,$_POST['port']), FILTER_VALIDATE_INT);
$username= filter_var(mysqli_real_escape_string($con,$_POST['username']), FILTER_SANITIZE_EMAIL);
$password= filter_var(mysqli_real_escape_string($con,$_POST['password']), FILTER_SANITIZE_STRING);
$fromname= filter_var(mysqli_real_escape_string($con,$_POST['fromname']), FILTER_SANITIZE_STRING);
$fromemail= filter_var(mysqli_real_escape_string($con,$_POST['fromemail']), FILTER_SANITIZE_EMAIL);
$testermail= filter_var(mysqli_real_escape_string($con,$_POST['testermail']), FILTER_SANITIZE_EMAIL);
$update_mail_setting = $con->prepare("UPDATE `settings`
SET `host` = '$host', `port` = '$port', `security` = '$sec', `username` = '$username', `password` = '$password',
`from_email` = '$fromemail', `from_name` = '$fromname' WHERE `settings`.`id` = 1;");
$update_mail_setting->bind_param("sisssss", $host, $port, $security ,$username ,$password ,$fromemail, $fromname );
if($update_mail_setting->execute()){
$update_mail_setting->close();
$update_test_email=$con->prepare("UPDATE `testmail` SET `email` = '$testermail' WHERE `id` = 1;");
**---- Line 55** $update_test_email->bind_param("s",$testermail);
if($update_test_email->execute()){
$update_test_email->close();
echo "<script>alert('Settings Successfully Update');
//window.location.href = 'settings.php';
</script>";
}else{
echo '<script>alert("Fail To Update STMP Tester Mail ")</script>';
}
}else{
echo '<script>alert("Fail To Update STMP ")</script>';
}
}