当前位置: 首页>>代码示例>>PHP>>正文


PHP mysqli::real_escape_string方法代码示例

本文整理汇总了PHP中mysqli::real_escape_string方法的典型用法代码示例。如果您正苦于以下问题:PHP mysqli::real_escape_string方法的具体用法?PHP mysqli::real_escape_string怎么用?PHP mysqli::real_escape_string使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在mysqli的用法示例。


在下文中一共展示了mysqli::real_escape_string方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: authenticateWithEmail

 /**
  * (non-PHPdoc)
  * @see IUserLoginMethod::authenticateWithEmail()
  */
 public function authenticateWithEmail($email, $password)
 {
     // connect to a data base
     // Note: If your source application shares the same data base, you can simply use $this->_db, rather than open another connection.
     $mysqli = new mysqli($this->_websoccer->getConfig('db_host'), $this->_websoccer->getConfig('db_user'), $this->_websoccer->getConfig('db_passwort'), $this->_websoccer->getConfig('db_name'));
     // get user from your source table
     $escapedEMail = $mysqli->real_escape_string($email);
     $dbresult = $mysqli->query('SELECT password FROM mydummy_table WHERE email = \'' . $escapedEMail . '\'');
     if (!$dbresult) {
         throw new Exception('Database Query Error: ' . $mysqli->error);
     }
     $myUser = $dbresult->fetch_array();
     $dbresult->free();
     $mysqli->close();
     // could not find user
     if (!$myUser) {
         return FALSE;
     }
     // check is password is correct (in this sample case a simple MD5 hashing is applied).
     if ($myUser['password'] != md5($password)) {
         return FALSE;
     }
     // user is valid user according to custom authentication check. Now test if user already exists in local DB and return its ID.
     $existingUserId = UsersDataService::getUserIdByEmail($this->_websoccer, $this->_db, strtolower($email));
     if ($existingUserId > 0) {
         return $existingUserId;
     }
     // if user does not exist, create a new one. Nick name can be entered by user later.
     return UsersDataService::createLocalUser($this->_websoccer, $this->_db, null, $email);
 }
开发者ID:astroChasqui,项目名称:open-websoccer,代码行数:34,代码来源:DemoUserLoginMethod.class.php

示例2: handle_login

function handle_login()
{
    $username = $_POST['username'];
    $password = $_POST['password'];
    require_once 'db.conf';
    $mysqli = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
    if ($mysqli->connect_error) {
        $error = 'Error: ' . $mysqli->connect_errno . ' ' . $mysqli->connect_error;
        require "login_form.php";
        exit;
    }
    $username = $mysqli->real_escape_string($username);
    $password = $mysqli->real_escape_string($password);
    $query = "SELECT * FROM users WHERE username = '{$username}' AND password = '{$password}'";
    $mysqliResult = $mysqli->query($query);
    // print_r(mysqli_fetch_all($mysqliResult,MYSQLI_ASSOC));
    if ($mysqliResult) {
        $match = $mysqliResult->num_rows;
        $mysqliResult->close();
        $mysqli->close();
        //print "The match is $match";
        if ($match == 1) {
            $_SESSION['loggedin'] = $username;
            header("Location: home.php");
            exit;
        } else {
            $error = "Incorrect username or password";
            require "login_form.php";
            exit;
        }
    }
}
开发者ID:Jrf5x8,项目名称:tennis,代码行数:32,代码来源:login.php

示例3: escape

 /**
  * @inheritdoc
  */
 public function escape($value)
 {
     if (!is_object($this->dbh)) {
         $this->connect();
     }
     return $this->dbh->real_escape_string($value);
 }
开发者ID:miknatr,项目名称:dbster,代码行数:10,代码来源:AdapterMysqliConnection.php

示例4: join_team

function join_team($code)
{
    if (!isset($_SESSION['User'])) {
        return 'You must be logged in to join a team.';
    }
    $conn = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
    $ecode = $conn->real_escape_string($code);
    $tquery = "SELECT * FROM `teams` WHERE teamcode='{$ecode}'";
    $res = $conn->query($tquery);
    if (!$res) {
        return 'Team with code does not exist.';
    }
    $data = $res->fetch_assoc();
    if (!$data) {
        return 'Team with code does not exist.';
    }
    $name = $data['name'];
    $ename = $conn->real_escape_string($name);
    $user = $_SESSION['User'];
    $euser = $conn->real_escape_string($user);
    $joinquery = "UPDATE `users` SET team='{$ename}' WHERE name='{$euser}'";
    $conn->query($joinquery);
    if ($conn->error) {
        return 'Failed to join team.';
    }
    return 'OK';
}
开发者ID:QuantumIsaac,项目名称:Disparity-CTF,代码行数:27,代码来源:team_api.php

示例5: mysqli

    function __construct($metaphone, $gender, $count)
    {
        $this->mRecords = [];
        $db = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_DATABASE);
        $safe_metaphone = $db->real_escape_string($metaphone);
        $safe_gender = $db->real_escape_string($gender);
        $query = <<<QUERY
SELECT\tName,
\t\tSUM(NameCount) AS NameCount,
          SUM(Total) AS Total
FROM\t     names
JOIN \tname_counts ON NameId = FK_NameID
JOIN \tyear_gender_totals ON YearGenderTotalID = FK_YearGenderTotalID
WHERE\tMetaphone = '{$safe_metaphone}'
AND \t     Gender = '{$safe_gender}'
GROUP BY  Name
ORDER BY  CAST(SUM(NameCount) / SUM(Total) AS DECIMAL(18,16)) DESC
LIMIT 0, {$count};
QUERY;
        $results = $db->query($query);
        $recs = $results->fetch_all(MYSQLI_NUM);
        //          $name, $gender, $year, $rank, $count, $total, $metaphone
        foreach ($recs as $rec) {
            $name_popularity_rec = new NamePopularityRecord($rec[MetaphoneSet::NAME_FIELD], $gender, 0, 0, $rec[MetaphoneSet::COUNT_FIELD], $rec[MetaphoneSet::TOTAL_FIELD], $metaphone);
            $this->mRecords[] = $name_popularity_rec;
        }
    }
开发者ID:nomad-mystic,项目名称:CIS195PHP,代码行数:27,代码来源:MetaphoneSet.php

示例6: mysqli

    function __construct($year, $gender, $count)
    {
        $this->mRecords = [];
        $db = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_DATABASE);
        $safe_year = $db->real_escape_string($year);
        $safe_gender = $db->real_escape_string($gender);
        $safe_count = $db->real_escape_string($count);
        echo $count;
        $query = <<<QUERY
SELECT Name, Metaphone, Rank, NameCount, Year, Gender, Total
FROM NAMES
JOIN NAME_COUNTS ON NameID = FK_NameID
JOIN YEAR_GENDER_TOTALS ON YearGenderTotalID = FK_YearGenderTotalID
WHERE Year = {$safe_year}
AND Gender = '{$safe_gender}'
ORDER BY Rank
LIMIT 0, {$safe_count};
QUERY;
        $results = $db->query($query);
        $recs = $results->fetch_all(MYSQLI_NUM);
        //          $name, $gender, $year, $rank, $count, $total, $metaphone
        foreach ($recs as $rec) {
            $name_popularity_rec = new NamePopularityRecord($rec[YearSet::NAME_FIELD], $rec[YearSet::GENDER_FIELD], $rec[YearSet::YEAR_FIELD], $rec[YearSet::RANK_FIELD], $rec[YearSet::COUNT_FIELD], $rec[YearSet::TOTAL_FIELD], $rec[YearSet::METAPHONE_FIELD]);
            $this->mRecords[] = $name_popularity_rec;
        }
    }
开发者ID:nomad-mystic,项目名称:CIS195PHP,代码行数:26,代码来源:YearSet.php

示例7: importKeywords

 public function importKeywords()
 {
     $db = ConnectionManager::getDataSource('default');
     $mysqli = new mysqli($db->config['host'], $db->config['login'], $db->config['password'], $db->config['database']);
     $sql = array('links', 'links_keywords');
     foreach (glob('/home/kiang/public_html/news/cache/output/*.json') as $jsonFile) {
         $json = json_decode(file_get_contents($jsonFile), true);
         $newLinkId = String::uuid();
         $json['title'] = $mysqli->real_escape_string(trim($json['title']));
         $json['url'] = $mysqli->real_escape_string($json['url']);
         $json['created'] = date('Y-m-d H:i:s', $json['created_at']);
         $sql['links'][] = "('{$newLinkId}', '{$json['title']}', '{$json['url']}', '{$json['created']}')";
         foreach ($json['keywords'] as $keywordId => $summary) {
             $lkId = String::uuid();
             $summary = $mysqli->real_escape_string(trim($summary));
             $sql['links_keywords'][] = "('{$lkId}', '{$newLinkId}', '{$keywordId}', '{$summary}')";
         }
         unlink($jsonFile);
     }
     if (!empty($sql['links'])) {
         $linksSql = 'INSERT INTO links VALUES ' . implode(',', $sql['links']) . ";\n";
         $lkSql = 'INSERT INTO links_keywords VALUES ' . implode(',', $sql['links_keywords']) . ';';
         file_put_contents(TMP . 'keywords.sql', $linksSql . $lkSql);
     }
 }
开发者ID:parker00811,项目名称:elections,代码行数:25,代码来源:KeywordShell.php

示例8: login

 public static function login($data)
 {
     $config = new Config();
     $mysqli = new mysqli($config->host, $config->user, $config->pass, $config->db);
     if ($mysqli->connect_errno) {
         print json_encode(array('success' => false, 'status' => 400, 'msg' => 'Failed to connect to MySQL: (' . $mysqli->connect_errno . ') ' . $mysqli->connect_error));
         return;
     } else {
         $username = $mysqli->real_escape_string($data['username']);
         $password = $mysqli->real_escape_string($data['password']);
         $query1 = "SELECT * FROM judges WHERE judgeuname = '{$username}' AND judgepword='{$password}'";
         $result = $mysqli->query($query1);
         if ($result) {
             if ($row = $result->fetch_assoc()) {
                 /*** set the session user_id variable ***/
                 $_SESSION['user'] = $row;
                 /*** set a form token ***/
                 $form_token = md5(uniqid('auth', true));
                 /*** set the session form token ***/
                 $_SESSION['auth_token'] = $form_token;
                 /*** tell the user we are logged in ***/
                 print json_encode(array('success' => true, 'status' => 200, 'form_token' => $form_token, 'childs' => $row));
             } else {
                 $message = 'Login Failed';
                 print json_encode(array('success' => false, 'status' => 200, 'msg' => $message));
             }
         } else {
             $message = 'Error with SQL' . $query1;
             print json_encode(array('success' => false, 'status' => 400, 'msg' => $message));
         }
     }
 }
开发者ID:jbagaresgaray,项目名称:TABULATION-SYSTEM,代码行数:32,代码来源:model.php

示例9: mysqli

    function __construct($name, $gender, $metaphone)
    {
        $this->mRecords = [];
        $db = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_DATABASE);
        $safe_name = $db->real_escape_string($name);
        $safe_gender = $db->real_escape_string($gender);
        $query = <<<QUERY
SELECT Year, IFNULL((
    SELECT  NameCount
    FROM    NAME_COUNTS
    JOIN    NAMES ON NameID = FK_NameID
    WHERE   Name = '{$safe_name}'
    AND     YearGenderTotalID = FK_YearGenderTotalID
), 0) AS NameCount,
          Total
FROM \tyear_gender_totals
WHERE\tGender = '{$safe_gender}'
ORDER BY\tYear;
QUERY;
        $results = $db->query($query);
        $recs = $results->fetch_all(MYSQLI_NUM);
        //          $name, $gender, $year, $rank, $count, $total, $metaphone
        foreach ($recs as $rec) {
            $name_popularity_rec = new NamePopularityRecord($name, $gender, $rec[NameSet::YEAR_FIELD], 0, $rec[NameSet::COUNT_FIELD], $rec[NameSet::TOTAL_FIELD], $metaphone);
            $this->mRecords[] = $name_popularity_rec;
        }
    }
开发者ID:nomad-mystic,项目名称:CIS195PHP,代码行数:27,代码来源:NameSet.php

示例10: saveDataToDatabase

function saveDataToDatabase()
{
    date_default_timezone_set("Asia/Tokyo");
    //set timezone to Tokyo
    $date = date("Y-m-d H:i:s");
    $servername = "domremy.xsrv.jp";
    $username = "domremy_system";
    $password = "hqcx66cs";
    $dbname = "domremy_product";
    // Create connection
    $conn = new mysqli($servername, $username, $password, $dbname);
    $ProductName = $conn->real_escape_string($_POST["product"]);
    $PepperText = $conn->real_escape_string($_POST["pepperText"]);
    $Text = $conn->real_escape_string($_POST["detail"]);
    // Check connection
    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    }
    $sql = "INSERT INTO product_tb (productName, productDetailText, productPepperText, productRecodeDate, productValidity)\n                VALUES ('{$ProductName}', '{$Text}','{$PepperText}','{$date}','1')";
    if ($conn->query($sql) === TRUE) {
        $temp = explode(".", $_FILES["file"]["name"]);
        $extension = strtolower(end($temp));
        $id = $conn->insert_id;
        $filename = $id . "." . $extension;
        $sql = "UPDATE product_tb SET productFileName ='{$filename}' WHERE productId='{$id}'";
        $conn->query($sql);
        saveImageToServer($filename);
        echo "New record created successfully";
    } else {
        echo "Error: " . $sql . "<br>" . $conn->error;
    }
    $conn->close();
}
开发者ID:euniciaruiz,项目名称:domremy_system,代码行数:33,代码来源:upload.php

示例11: escapeValues

 /**
  * @inheritDoc
  */
 public function escapeValues(array $values)
 {
     $escaped = [];
     foreach ($values as $value) {
         $escaped[] = $this->conn->real_escape_string($value);
     }
     return $escaped;
 }
开发者ID:repo2,项目名称:query-builder,代码行数:11,代码来源:Mysqli.php

示例12: find_in_set

 /**
  * Auto-generate a FIND_IN_SET() statement
  *
  * @param string  $strKey     The field name
  * @param mixed   $varSet     The set to find the key in
  * @param boolean $blnIsField If true, the set will not be quoted
  *
  * @return string The FIND_IN_SET() statement
  */
 protected function find_in_set($strKey, $varSet, $blnIsField = false)
 {
     if ($blnIsField) {
         return "FIND_IN_SET(" . $strKey . ", " . $varSet . ")";
     } else {
         return "FIND_IN_SET(" . $strKey . ", '" . $this->resConnection->real_escape_string($varSet) . "')";
     }
 }
开发者ID:StephenGWills,项目名称:sample-contao-app,代码行数:17,代码来源:Mysqli.php

示例13: addMOProperty

function addMOProperty($unifiedName, $client)
{
    $mysqli = new mysqli(HOSTNAME, USERNAME, PASSWD, DATABASE);
    if ($mysqli->connect_errno) {
        die("error: " . $mysqli->connect_error);
    }
    $localTable = "MOSpacePeople";
    $parser = new HumanNameParser_Parser($unifiedName);
    $last = $parser->getLast();
    $first = $parser->getFirst();
    //@Debug
    //echo "Checking ".$last.", ".$first.".....";
    $q = "SELECT * from " . $localTable . " where firstname='" . $mysqli->real_escape_string($first) . "' and lastname='" . $mysqli->real_escape_string($last) . "'";
    $fromMU = 0;
    $isProfessor = 0;
    if ($result = $mysqli->query($q)) {
        if ($result->num_rows == 1) {
            //@Debug
            //echo "found in local database.....";
            $fromMU = 1;
            if ($resAssocArray = $result->fetch_assoc()) {
                if (isset($resAssocArray['Title'])) {
                    $isProfessor = findIfProfessor($resAssocArray['Title']) == 1 ? 1 : 0;
                    //@Debug
                    //if($isProfessor == 1) echo "is a prof\n"; else echo "NOT a prof\n";
                } else {
                    $isProfessor = 0;
                    //@Debu
                    //echo "NOT a prof\n";
                }
            } else {
                die("fetch result from MOSpacePeople failed");
            }
        } else {
            $peopleFinderURL = "https://webservices.doit.missouri.edu/peoplefinderWS/peoplefinderws.asmx/PeopleFinderXml?firstName=" . urlencode($first) . "&lastname=" . urlencode($last) . "&department=&phoneno=&email=";
            $url_parser = new URLParser($peopleFinderURL);
            $retArr = $url_parser->XMLToArray();
            if (intval($retArr['@attributes']['found']) == 1) {
                //@Debug
                //echo "found in Peoplefinder...";
                $fromMU = 1;
                $title = array_key_exists("Title", $retArr['Person']) && !empty($retArr['Person']['Title']) ? $retArr['Person']['Title'] : "";
                $isProfessor = findIfProfessor($title) == 1 ? 1 : 0;
                //@Debug
                //if($isProfessor == 1) echo "is a prof\n"; else echo "NOT a prof\n";
            } else {
                $isProfessor = 0;
                //@Debug
                //echo "NOT a prof\n";
            }
        }
    } else {
        die("query: " . $q . "\nFailed");
    }
    $q_str = "match (u:Person {name: \"" . $unifiedName . "\"}) set u.fromMU = " . $fromMU . ", u.isProfessor = " . $isProfessor;
    $query = new Query($client, $q_str);
    $client->executeCypherQuery($query);
}
开发者ID:brightskylee,项目名称:muresearch,代码行数:58,代码来源:addMOProperty.php

示例14: escape

 /**
  * @access public
  * @param mixed $data
  * @return mixed $data
  */
 public function escape($data)
 {
     if (!is_array($data)) {
         $data = $this->link->real_escape_string($data);
     } else {
         $data = array_map(array($this, 'escape'), $data);
     }
     return $data;
 }
开发者ID:emrahsifoglu,项目名称:simple-news-portal,代码行数:14,代码来源:MySQLiDriver.php

示例15: saveRow

 /**
  * @param $row
  * @param $configuration
  * @return mixed
  */
 public function saveRow($row, $configuration)
 {
     array_walk($row, function (&$item) {
         $item = '"' . $this->link->real_escape_string($item) . '"';
     });
     $query = sprintf('INSERT INTO %s (%s) VALUES (%s)', $configuration['table'], implode(', ', array_keys($row)), implode(', ', $row));
     $this->link->query($query);
     return $this->link->insert_id;
 }
开发者ID:mia3,项目名称:import,代码行数:14,代码来源:MySQLAdapter.php


注:本文中的mysqli::real_escape_string方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。