本文整理汇总了PHP中mysqli::real_escape_string方法的典型用法代码示例。如果您正苦于以下问题:PHP mysqli::real_escape_string方法的具体用法?PHP mysqli::real_escape_string怎么用?PHP mysqli::real_escape_string使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类mysqli
的用法示例。
在下文中一共展示了mysqli::real_escape_string方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: authenticateWithEmail
/**
* (non-PHPdoc)
* @see IUserLoginMethod::authenticateWithEmail()
*/
public function authenticateWithEmail($email, $password)
{
// connect to a data base
// Note: If your source application shares the same data base, you can simply use $this->_db, rather than open another connection.
$mysqli = new mysqli($this->_websoccer->getConfig('db_host'), $this->_websoccer->getConfig('db_user'), $this->_websoccer->getConfig('db_passwort'), $this->_websoccer->getConfig('db_name'));
// get user from your source table
$escapedEMail = $mysqli->real_escape_string($email);
$dbresult = $mysqli->query('SELECT password FROM mydummy_table WHERE email = \'' . $escapedEMail . '\'');
if (!$dbresult) {
throw new Exception('Database Query Error: ' . $mysqli->error);
}
$myUser = $dbresult->fetch_array();
$dbresult->free();
$mysqli->close();
// could not find user
if (!$myUser) {
return FALSE;
}
// check is password is correct (in this sample case a simple MD5 hashing is applied).
if ($myUser['password'] != md5($password)) {
return FALSE;
}
// user is valid user according to custom authentication check. Now test if user already exists in local DB and return its ID.
$existingUserId = UsersDataService::getUserIdByEmail($this->_websoccer, $this->_db, strtolower($email));
if ($existingUserId > 0) {
return $existingUserId;
}
// if user does not exist, create a new one. Nick name can be entered by user later.
return UsersDataService::createLocalUser($this->_websoccer, $this->_db, null, $email);
}
示例2: handle_login
function handle_login()
{
$username = $_POST['username'];
$password = $_POST['password'];
require_once 'db.conf';
$mysqli = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
if ($mysqli->connect_error) {
$error = 'Error: ' . $mysqli->connect_errno . ' ' . $mysqli->connect_error;
require "login_form.php";
exit;
}
$username = $mysqli->real_escape_string($username);
$password = $mysqli->real_escape_string($password);
$query = "SELECT * FROM users WHERE username = '{$username}' AND password = '{$password}'";
$mysqliResult = $mysqli->query($query);
// print_r(mysqli_fetch_all($mysqliResult,MYSQLI_ASSOC));
if ($mysqliResult) {
$match = $mysqliResult->num_rows;
$mysqliResult->close();
$mysqli->close();
//print "The match is $match";
if ($match == 1) {
$_SESSION['loggedin'] = $username;
header("Location: home.php");
exit;
} else {
$error = "Incorrect username or password";
require "login_form.php";
exit;
}
}
}
示例3: escape
/**
* @inheritdoc
*/
public function escape($value)
{
if (!is_object($this->dbh)) {
$this->connect();
}
return $this->dbh->real_escape_string($value);
}
示例4: join_team
function join_team($code)
{
if (!isset($_SESSION['User'])) {
return 'You must be logged in to join a team.';
}
$conn = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
$ecode = $conn->real_escape_string($code);
$tquery = "SELECT * FROM `teams` WHERE teamcode='{$ecode}'";
$res = $conn->query($tquery);
if (!$res) {
return 'Team with code does not exist.';
}
$data = $res->fetch_assoc();
if (!$data) {
return 'Team with code does not exist.';
}
$name = $data['name'];
$ename = $conn->real_escape_string($name);
$user = $_SESSION['User'];
$euser = $conn->real_escape_string($user);
$joinquery = "UPDATE `users` SET team='{$ename}' WHERE name='{$euser}'";
$conn->query($joinquery);
if ($conn->error) {
return 'Failed to join team.';
}
return 'OK';
}
示例5: mysqli
function __construct($metaphone, $gender, $count)
{
$this->mRecords = [];
$db = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_DATABASE);
$safe_metaphone = $db->real_escape_string($metaphone);
$safe_gender = $db->real_escape_string($gender);
$query = <<<QUERY
SELECT\tName,
\t\tSUM(NameCount) AS NameCount,
SUM(Total) AS Total
FROM\t names
JOIN \tname_counts ON NameId = FK_NameID
JOIN \tyear_gender_totals ON YearGenderTotalID = FK_YearGenderTotalID
WHERE\tMetaphone = '{$safe_metaphone}'
AND \t Gender = '{$safe_gender}'
GROUP BY Name
ORDER BY CAST(SUM(NameCount) / SUM(Total) AS DECIMAL(18,16)) DESC
LIMIT 0, {$count};
QUERY;
$results = $db->query($query);
$recs = $results->fetch_all(MYSQLI_NUM);
// $name, $gender, $year, $rank, $count, $total, $metaphone
foreach ($recs as $rec) {
$name_popularity_rec = new NamePopularityRecord($rec[MetaphoneSet::NAME_FIELD], $gender, 0, 0, $rec[MetaphoneSet::COUNT_FIELD], $rec[MetaphoneSet::TOTAL_FIELD], $metaphone);
$this->mRecords[] = $name_popularity_rec;
}
}
示例6: mysqli
function __construct($year, $gender, $count)
{
$this->mRecords = [];
$db = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_DATABASE);
$safe_year = $db->real_escape_string($year);
$safe_gender = $db->real_escape_string($gender);
$safe_count = $db->real_escape_string($count);
echo $count;
$query = <<<QUERY
SELECT Name, Metaphone, Rank, NameCount, Year, Gender, Total
FROM NAMES
JOIN NAME_COUNTS ON NameID = FK_NameID
JOIN YEAR_GENDER_TOTALS ON YearGenderTotalID = FK_YearGenderTotalID
WHERE Year = {$safe_year}
AND Gender = '{$safe_gender}'
ORDER BY Rank
LIMIT 0, {$safe_count};
QUERY;
$results = $db->query($query);
$recs = $results->fetch_all(MYSQLI_NUM);
// $name, $gender, $year, $rank, $count, $total, $metaphone
foreach ($recs as $rec) {
$name_popularity_rec = new NamePopularityRecord($rec[YearSet::NAME_FIELD], $rec[YearSet::GENDER_FIELD], $rec[YearSet::YEAR_FIELD], $rec[YearSet::RANK_FIELD], $rec[YearSet::COUNT_FIELD], $rec[YearSet::TOTAL_FIELD], $rec[YearSet::METAPHONE_FIELD]);
$this->mRecords[] = $name_popularity_rec;
}
}
示例7: importKeywords
public function importKeywords()
{
$db = ConnectionManager::getDataSource('default');
$mysqli = new mysqli($db->config['host'], $db->config['login'], $db->config['password'], $db->config['database']);
$sql = array('links', 'links_keywords');
foreach (glob('/home/kiang/public_html/news/cache/output/*.json') as $jsonFile) {
$json = json_decode(file_get_contents($jsonFile), true);
$newLinkId = String::uuid();
$json['title'] = $mysqli->real_escape_string(trim($json['title']));
$json['url'] = $mysqli->real_escape_string($json['url']);
$json['created'] = date('Y-m-d H:i:s', $json['created_at']);
$sql['links'][] = "('{$newLinkId}', '{$json['title']}', '{$json['url']}', '{$json['created']}')";
foreach ($json['keywords'] as $keywordId => $summary) {
$lkId = String::uuid();
$summary = $mysqli->real_escape_string(trim($summary));
$sql['links_keywords'][] = "('{$lkId}', '{$newLinkId}', '{$keywordId}', '{$summary}')";
}
unlink($jsonFile);
}
if (!empty($sql['links'])) {
$linksSql = 'INSERT INTO links VALUES ' . implode(',', $sql['links']) . ";\n";
$lkSql = 'INSERT INTO links_keywords VALUES ' . implode(',', $sql['links_keywords']) . ';';
file_put_contents(TMP . 'keywords.sql', $linksSql . $lkSql);
}
}
示例8: login
public static function login($data)
{
$config = new Config();
$mysqli = new mysqli($config->host, $config->user, $config->pass, $config->db);
if ($mysqli->connect_errno) {
print json_encode(array('success' => false, 'status' => 400, 'msg' => 'Failed to connect to MySQL: (' . $mysqli->connect_errno . ') ' . $mysqli->connect_error));
return;
} else {
$username = $mysqli->real_escape_string($data['username']);
$password = $mysqli->real_escape_string($data['password']);
$query1 = "SELECT * FROM judges WHERE judgeuname = '{$username}' AND judgepword='{$password}'";
$result = $mysqli->query($query1);
if ($result) {
if ($row = $result->fetch_assoc()) {
/*** set the session user_id variable ***/
$_SESSION['user'] = $row;
/*** set a form token ***/
$form_token = md5(uniqid('auth', true));
/*** set the session form token ***/
$_SESSION['auth_token'] = $form_token;
/*** tell the user we are logged in ***/
print json_encode(array('success' => true, 'status' => 200, 'form_token' => $form_token, 'childs' => $row));
} else {
$message = 'Login Failed';
print json_encode(array('success' => false, 'status' => 200, 'msg' => $message));
}
} else {
$message = 'Error with SQL' . $query1;
print json_encode(array('success' => false, 'status' => 400, 'msg' => $message));
}
}
}
示例9: mysqli
function __construct($name, $gender, $metaphone)
{
$this->mRecords = [];
$db = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_DATABASE);
$safe_name = $db->real_escape_string($name);
$safe_gender = $db->real_escape_string($gender);
$query = <<<QUERY
SELECT Year, IFNULL((
SELECT NameCount
FROM NAME_COUNTS
JOIN NAMES ON NameID = FK_NameID
WHERE Name = '{$safe_name}'
AND YearGenderTotalID = FK_YearGenderTotalID
), 0) AS NameCount,
Total
FROM \tyear_gender_totals
WHERE\tGender = '{$safe_gender}'
ORDER BY\tYear;
QUERY;
$results = $db->query($query);
$recs = $results->fetch_all(MYSQLI_NUM);
// $name, $gender, $year, $rank, $count, $total, $metaphone
foreach ($recs as $rec) {
$name_popularity_rec = new NamePopularityRecord($name, $gender, $rec[NameSet::YEAR_FIELD], 0, $rec[NameSet::COUNT_FIELD], $rec[NameSet::TOTAL_FIELD], $metaphone);
$this->mRecords[] = $name_popularity_rec;
}
}
示例10: saveDataToDatabase
function saveDataToDatabase()
{
date_default_timezone_set("Asia/Tokyo");
//set timezone to Tokyo
$date = date("Y-m-d H:i:s");
$servername = "domremy.xsrv.jp";
$username = "domremy_system";
$password = "hqcx66cs";
$dbname = "domremy_product";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
$ProductName = $conn->real_escape_string($_POST["product"]);
$PepperText = $conn->real_escape_string($_POST["pepperText"]);
$Text = $conn->real_escape_string($_POST["detail"]);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO product_tb (productName, productDetailText, productPepperText, productRecodeDate, productValidity)\n VALUES ('{$ProductName}', '{$Text}','{$PepperText}','{$date}','1')";
if ($conn->query($sql) === TRUE) {
$temp = explode(".", $_FILES["file"]["name"]);
$extension = strtolower(end($temp));
$id = $conn->insert_id;
$filename = $id . "." . $extension;
$sql = "UPDATE product_tb SET productFileName ='{$filename}' WHERE productId='{$id}'";
$conn->query($sql);
saveImageToServer($filename);
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
}
示例11: escapeValues
/**
* @inheritDoc
*/
public function escapeValues(array $values)
{
$escaped = [];
foreach ($values as $value) {
$escaped[] = $this->conn->real_escape_string($value);
}
return $escaped;
}
示例12: find_in_set
/**
* Auto-generate a FIND_IN_SET() statement
*
* @param string $strKey The field name
* @param mixed $varSet The set to find the key in
* @param boolean $blnIsField If true, the set will not be quoted
*
* @return string The FIND_IN_SET() statement
*/
protected function find_in_set($strKey, $varSet, $blnIsField = false)
{
if ($blnIsField) {
return "FIND_IN_SET(" . $strKey . ", " . $varSet . ")";
} else {
return "FIND_IN_SET(" . $strKey . ", '" . $this->resConnection->real_escape_string($varSet) . "')";
}
}
示例13: addMOProperty
function addMOProperty($unifiedName, $client)
{
$mysqli = new mysqli(HOSTNAME, USERNAME, PASSWD, DATABASE);
if ($mysqli->connect_errno) {
die("error: " . $mysqli->connect_error);
}
$localTable = "MOSpacePeople";
$parser = new HumanNameParser_Parser($unifiedName);
$last = $parser->getLast();
$first = $parser->getFirst();
//@Debug
//echo "Checking ".$last.", ".$first.".....";
$q = "SELECT * from " . $localTable . " where firstname='" . $mysqli->real_escape_string($first) . "' and lastname='" . $mysqli->real_escape_string($last) . "'";
$fromMU = 0;
$isProfessor = 0;
if ($result = $mysqli->query($q)) {
if ($result->num_rows == 1) {
//@Debug
//echo "found in local database.....";
$fromMU = 1;
if ($resAssocArray = $result->fetch_assoc()) {
if (isset($resAssocArray['Title'])) {
$isProfessor = findIfProfessor($resAssocArray['Title']) == 1 ? 1 : 0;
//@Debug
//if($isProfessor == 1) echo "is a prof\n"; else echo "NOT a prof\n";
} else {
$isProfessor = 0;
//@Debu
//echo "NOT a prof\n";
}
} else {
die("fetch result from MOSpacePeople failed");
}
} else {
$peopleFinderURL = "https://webservices.doit.missouri.edu/peoplefinderWS/peoplefinderws.asmx/PeopleFinderXml?firstName=" . urlencode($first) . "&lastname=" . urlencode($last) . "&department=&phoneno=&email=";
$url_parser = new URLParser($peopleFinderURL);
$retArr = $url_parser->XMLToArray();
if (intval($retArr['@attributes']['found']) == 1) {
//@Debug
//echo "found in Peoplefinder...";
$fromMU = 1;
$title = array_key_exists("Title", $retArr['Person']) && !empty($retArr['Person']['Title']) ? $retArr['Person']['Title'] : "";
$isProfessor = findIfProfessor($title) == 1 ? 1 : 0;
//@Debug
//if($isProfessor == 1) echo "is a prof\n"; else echo "NOT a prof\n";
} else {
$isProfessor = 0;
//@Debug
//echo "NOT a prof\n";
}
}
} else {
die("query: " . $q . "\nFailed");
}
$q_str = "match (u:Person {name: \"" . $unifiedName . "\"}) set u.fromMU = " . $fromMU . ", u.isProfessor = " . $isProfessor;
$query = new Query($client, $q_str);
$client->executeCypherQuery($query);
}
示例14: escape
/**
* @access public
* @param mixed $data
* @return mixed $data
*/
public function escape($data)
{
if (!is_array($data)) {
$data = $this->link->real_escape_string($data);
} else {
$data = array_map(array($this, 'escape'), $data);
}
return $data;
}
示例15: saveRow
/**
* @param $row
* @param $configuration
* @return mixed
*/
public function saveRow($row, $configuration)
{
array_walk($row, function (&$item) {
$item = '"' . $this->link->real_escape_string($item) . '"';
});
$query = sprintf('INSERT INTO %s (%s) VALUES (%s)', $configuration['table'], implode(', ', array_keys($row)), implode(', ', $row));
$this->link->query($query);
return $this->link->insert_id;
}