本文整理汇总了PHP中mysqli_escape_string函数的典型用法代码示例。如果您正苦于以下问题:PHP mysqli_escape_string函数的具体用法?PHP mysqli_escape_string怎么用?PHP mysqli_escape_string使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了mysqli_escape_string函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的PHP代码示例。
示例1: process_image
function process_image()
{
global $target_path;
global $clickFlag;
global $con;
global $dUsername;
global $dFullname;
$clickFlag = "You did not upload any file";
if (isset($_FILES["passport"]["name"])) {
$file_name = $_FILES["passport"]["name"];
if ($_FILES["passport"]["error"] > 0) {
echo "Error in the following file " . $file_name . ":" . $_FILES["passport"]["error"] . "<br />";
} elseif ($_FILES["passport"]["error"] <= 0) {
$temp_name = $_FILES["passport"]["tmp_name"];
$imgtype = $_FILES["passport"]["type"];
$ext = getImageExtension($imgtype);
$imgname = $dFullname . $ext;
$target_path = "upload/" . $imgname;
$insert_picture = "UPDATE user_profile SET Passport = '" . mysqli_escape_string($con, $target_path) . "' WHERE Username = '{$dUsername}'";
if (!mysqli_query($con, $insert_picture)) {
echo mysqli_error($con);
}
if (move_uploaded_file($temp_name, $target_path)) {
return true;
}
} else {
return false;
}
} else {
global $NoFileError;
$NoFileError = "You did not upload any file";
}
}
开发者ID:GraceEmenike,项目名称:Personal-Profile,代码行数:33,代码来源:profileEdit.php
示例2: save_kmeans_data
function save_kmeans_data($result_kmeans, $user)
{
$insert = null;
$link = (require 'MySQL/ConnectionDB.php');
mysqli_query($link, "DELETE FROM Kmeans_Data WHERE user_id = {$user}");
$query = "INSERT INTO Kmeans_Data (user_id, centroid, ctg_id, number_likes) VALUES";
foreach ($result_kmeans as $ctg => $category) {
foreach ($category as $cnt => $value) {
foreach ($value as $key => $num) {
$insert .= "('" . mysqli_escape_string($link, $user) . "', " . "'" . mysqli_escape_string($link, $cnt) . "', " . "'" . mysqli_escape_string($link, $num[0]) . "', " . "'" . mysqli_escape_string($link, $num[1]) . "'),";
}
}
}
if ($insert != "") {
$insert = substr($insert, 0, strlen($insert) - 1);
$insert .= ";";
}
$query .= $insert;
if ($insert) {
$entry = mysqli_query($link, $query);
if (!$entry) {
die('Could not entered data k-means' . mysql_error());
}
}
mysqli_close($link);
}
开发者ID:vitorguerreiro,项目名称:Choose-Your-Destiny,代码行数:26,代码来源:K-Means.php
示例3: loginAction
public function loginAction($twig, $params)
{
if (is_authorized()) {
header("Location: /");
} else {
if (empty($_POST['confirm'])) {
$_POST['confirm'] = 0;
}
if ($_POST['confirm'] == 1) {
if (!empty($_POST['login'])) {
$login = mysqli_escape_string($this->dbConnect, $_POST['login']);
$password = md5($_POST['password']);
$query = mysqli_query($this->dbConnect, "select id, login, smena from users where login = '{$login}' and passwd = '{$password}'");
if (mysqli_num_rows($query) > 0) {
$result = mysqli_fetch_assoc($query);
$_SESSION['user_id'] = $result['id'];
$_SESSION['user_fio'] = $result['login'];
$_SESSION['user_smena'] = $result['smena'];
header("Location: /");
} else {
echo $twig->render('login.html.twig', array('error' => 'Bad credentials'));
}
} else {
echo $twig->render('login.html.twig', array('error' => 'Login is empty'));
}
} else {
echo $twig->render('login.html.twig');
}
}
}
开发者ID:alexBLR,项目名称:firmware,代码行数:30,代码来源:mainController.php
示例4: check_game
function check_game($dbc, $Game = '')
{
$errors = array();
//Game Name validation, Gamename cannot be left empty, and must be between 4 and 40 characters in length
if (empty($Game)) {
$errors[] = "The game name field is empty.</br>";
} else {
if (strlen($Game) > 40) {
$errors[] = "The game name is too long, it must be between 3 and 40 characters in length. If longer than 40 characters, please either abbreviate or use an acronym.</br>";
} else {
if (strlen($Game) < 3) {
$errors[] = "The game is too short, it must be between 3 and 40 characters in length.</br>";
} else {
$G = mysqli_escape_string($dbc, trim($Game));
}
}
}
if (empty($errors)) {
$qGame = "INSERT INTO game (GameName) VALUES ('{$G}')";
$result = mysqli_query($dbc, $qGame);
if ($result) {
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
return array(true, $row);
} else {
$errors[] = "Insertion of the game could not complete, please try again.</br>";
}
}
return array(false, $errors);
}
开发者ID:spratters53,项目名称:Dissertation-Project,代码行数:29,代码来源:CreateGameFunctions.inc.php
示例5: check_publisher
function check_publisher($dbc, $Publisher = '')
{
$errors = array();
//publisher validation, the publisher cannot be left empty, and must be between 4 and 40 characters in length
if (empty($Publisher)) {
$errors[] = "The Publisher Field is Empty.</br>";
} else {
if (strlen($Publisher) > 40) {
$errors[] = "The Publishers name is too long, it must be between 3 and 40 characters in length. If longer than 40 characters, please either abbreviate or use an acronym.</br>";
} else {
if (strlen($Publisher) < 3) {
$errors[] = "The Publisher is too short, it must be between 3 and 40 characters in length.</br>";
} else {
$U = mysqli_escape_string($dbc, trim($Publisher));
}
}
}
if (empty($errors)) {
$qPub = "INSERT INTO publisher (Publisher) VALUES ('{$U}')";
$result = mysqli_query($dbc, $qPub);
if ($result) {
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
return array(true, $row);
} else {
$errors[] = "Insertion of the publisher could not complete, please try again.</br>";
}
}
return array(false, $errors);
}
开发者ID:spratters53,项目名称:Dissertation-Project,代码行数:29,代码来源:CreatePublisherFunctions.inc.php
示例6: addGroupAction
public function addGroupAction($twig, $params)
{
if ($this->getRole() == 1 or $this->getRole() == 2 or $this->getRole() == 3) {
$name = mysqli_escape_string($this->dbConnect, $_POST['name']);
if (!empty($name)) {
$field = '';
if ($this->getRole() == 2 or $this->getRole() == 3) {
$field = ", parrent = {$this->user}";
}
$query = mysqli_query($this->dbConnect, "insert into groups set name = '{$name}' {$field}");
$rezz = mysqli_query($this->dbConnect, "SELECT last_insert_id()");
$lastId = mysqli_fetch_row($rezz);
foreach ($_POST['fid'] as $key => $val) {
if (empty($_POST['enabled'][$val])) {
$enabl = 1;
} else {
$enabl = 0;
}
$query = mysqli_query($this->dbConnect, "insert into prices set fid = '{$val}', parrent_group = '{$lastId[0]}', price = '{$_POST['price'][$val]}', enabled = '{$enabl}'");
}
if ($query) {
header("Location: /groups/");
}
} else {
header("Location: /groups/");
}
}
}
开发者ID:alexBLR,项目名称:firmware,代码行数:28,代码来源:groupController.php
示例7: BuildQuery
public function BuildQuery()
{
$csvfile = str_replace('\\', '/', tempnam(sys_get_temp_dir(), "mys") . ".csv");
$fp = fopen($csvfile, "w");
$value = '';
// Collect rows and build csv file contents
$index = 0;
foreach ($this->Rows as $row) {
$first_field = true;
$index++;
foreach ($this->FieldNames as $field_name) {
if (!$first_field) {
$value .= ';';
} else {
$first_field = false;
}
// Check that the current field name has been specified for this row
if (isset($row['columns'][$field_name])) {
$value .= '"' . mysqli_escape_string($this->Database, $row['columns'][$field_name]) . '"';
} else {
throw new RuntimeException("DbBufferedLoadFile : row #{$index} missing column '{$field_name}'.");
}
}
$value .= "\n";
}
fwrite($fp, $value);
fclose($fp);
// Build the query
$query = "\r\n\t\t\t\t\tLOAD DATA LOCAL INFILE '{$csvfile}'\r\n\t\t\t\t\tINTO TABLE {$this->TableName}\r\n\t\t\t\t\tFIELDS TERMINATED BY ';' \r\n\t\t\t\t\t\tOPTIONALLY ENCLOSED BY '\"'\r\n\t\t\t\t\t\tESCAPED BY '\"'\r\n\t\t\t\t\tLINES TERMINATED BY '\\n'\r\n\t\t\t\t ";
$query .= '(' . implode(',', $this->FieldNames) . ')';
// Remember the generated csv file for later cleaning
$this->CsvFile = $csvfile;
return $query;
}
开发者ID:wuthering-bytes,项目名称:phpclasses-org,代码行数:34,代码来源:DbBufferedLoadFile.php
示例8: insertignore
public function insertignore($rows)
{
foreach ($rows as $key => $value) {
$f .= '`' . $key . '`, ';
$v .= "'" . mysqli_escape_string($this->_database, $value) . "', ";
}
return 'insert ignore into ' . $this->table_send . ' (' . rtrim($f, ', ') . ') values (' . rtrim($v, ', ') . ')';
}
开发者ID:ProjectOrangeBox,项目名称:lighting-q,代码行数:8,代码来源:shared.inc.php
示例9: __construct
public function __construct($table_name, $comment = '', $database = null, $recreate = false)
{
global $Database;
$this->Name = $table_name;
$this->Database = $database ? $database : $Database;
$this->Comment = mysqli_escape_string($this->Database, $comment);
$this->EnsureExists($recreate);
}
开发者ID:wuthering-bytes,项目名称:phpclasses-org,代码行数:8,代码来源:DbTable.php
示例10: set
public function set($k, $v)
{
$k = $this->table . '.' . $k;
$this->del($k);
$query = "REPLACE INTO infosdb SET data_key = '{$k}', data_value = '" . mysqli_escape_string($this->db, serialize($v)) . "'";
$result = mysqli_query($this->db, $query);
return $this;
}
开发者ID:schpill,项目名称:standalone,代码行数:8,代码来源:Motor.php
示例11: addQuotes
/**
* Handles quatation of the string variables from the query
* @param string $string
* @return string
*/
function addQuotes($string)
{
if (!is_numeric($string)) {
$connection = $this->_getConnection('master');
$string = mysqli_escape_string($connection, $string);
}
return $string;
}
开发者ID:rhymix,项目名称:rhymix,代码行数:13,代码来源:DBMysqli.class.php
示例12: login
function login($connection, $email, $senha)
{
$email = mysqli_escape_string($connection, $email);
$senhaMd5 = md5($senha);
$query = "SELECT * FROM Usuario WHERE email = '{$email}' AND senha = '{$senhaMd5}'";
$result = mysqli_query($connection, $query);
return mysqli_fetch_assoc($result);
}
开发者ID:RobHawk90,项目名称:LojaPHP,代码行数:8,代码来源:UsuarioDAO.php
示例13: getUserData
public function getUserData($username)
{
$username = mysqli_escape_string($this->conn, $username);
$query = "SELECT Username,Password FROM member WHERE Username = '{$username}'";
$result = $this->conn->query($query);
$row = $result->fetch_array(MYSQLI_ASSOC);
return isset($row) ? array("username" => $row['Username'], "password" => $row['Password']) : null;
}
开发者ID:ao222qc,项目名称:IDV608_2,代码行数:8,代码来源:UserDAL.php
示例14: buscaUsuario
function buscaUsuario($conexao, $email, $senha)
{
$senhamd5 = md5($senha);
$email = mysqli_escape_string($conexao, $email);
$query = "select * from usuarios where email='{$email}' and senha='{$senhamd5}'";
$resultado = mysqli_query($conexao, $query);
return mysqli_fetch_assoc($resultado);
}
开发者ID:VictorVoid,项目名称:AlurCenter,代码行数:8,代码来源:banco-usuario.php
示例15: executeWithArgs
public function executeWithArgs($sql, $vars)
{
foreach ($vars as $identifier => $value) {
// Components::getInstance()->get('logger')->log('$identifier', $identifier);
$sql = str_replace(':' . $identifier, mysqli_escape_string($this->connection, $value), $sql);
}
// Components::getInstance()->get('logger')->log('$sql', $sql);
$this->executeNoArgs($sql);
}
开发者ID:jbeyer1984,项目名称:ownFramework,代码行数:9,代码来源:Db.php
示例16: insereProduto
function insereProduto($conexao, $nome, $preco, $descricao, $categoria_id, $usado)
{
$nome = mysqli_escape_string($conexao, $nome);
$preco = mysqli_escape_string($conexao, $preco);
$descricao = mysqli_escape_string($conexao, $descricao);
$query = "INSERT INTO produtos (nome, preco, descricao, categoria_id, usado) values ('{$nome}','{$preco}', '{$descricao}', '{$categoria_id}','{$usado}')";
$resultadoDaInsercao = mysqli_query($conexao, $query);
return $resultadoDaInsercao;
}
开发者ID:VictorVoid,项目名称:AlurCenter,代码行数:9,代码来源:banco-produto.php
示例17: quote
public function quote($string)
{
if (function_exists('mysqli_real_escape_string')) {
$string = mysqli_real_escape_string($this->getLink(), $string);
} elseif (function_exists('mysqli_escape_string')) {
$string = mysqli_escape_string($string);
}
return '"' . addslashes($string) . '"';
}
开发者ID:xiaoguizhidao,项目名称:extensiongsd,代码行数:9,代码来源:Driver.php
示例18: SQL_escape_string
function SQL_escape_string($arr)
{
// pas bonnnnn car ne sert à rien !
if (function_exists("mysqli_real_escape_string")) {
@mysqli_real_escape_string($arr);
} elseif (function_exists("mysqli_escape_string")) {
@mysqli_escape_string($arr);
}
return $arr;
}
开发者ID:Jireck-npds,项目名称:npds_dune,代码行数:10,代码来源:mysqli.php
示例19: escape
function escape($string)
{
return addslashes($string);
// Disable rest for now, causing problems
if (!$this->dbh || version_compare(phpversion(), '4.3.0') == '-1') {
return mysqli_escape_string($string);
} else {
return mysqli_real_escape_string($string, $this->dbh);
}
}
开发者ID:polyverse-security,项目名称:wordpress,代码行数:10,代码来源:wp-db.php
示例20: db_update
public function db_update($table, $where, $data = array())
{
$sql_tmp = '';
foreach ($data as $key => $val) {
$sql_tmp .= $key . '=' . '\'' . mysqli_escape_string($conn, $val) . '\',';
}
$sql = 'UPDATE ' . $table . ' SET ' . trim($sql_tmp, ',') . ' WHERE ' . $where;
$result = $this->Get_query($sql);
return $result;
}
开发者ID:WHTGo,项目名称:EXP-Training,代码行数:10,代码来源:db_mysqli.php
注:本文中的mysqli_escape_string函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论