发表新帖
发表新帖

mysql_real_escape_string() for entire $_REQUEST array, or need to loop through it?

后端 未结
关注
6 935
没有蜡笔的小新
没有蜡笔的小新 2020-12-13 22:50

Is there an easier way of safely extracting submitted variables other than the following? 

if(isset($_REQUEST[\'kkld\'])) $kkld=mysql_real_escape_string($
6条回答
  • 独厮守ぢ
    独厮守ぢ (楼主)
    2020-12-13 23:30

    If you use mysqli extension and you like to escape all GET variables:

    $escaped_get = array_map(array($mysqli, 'real_escape_string'), $_GET);

    0 讨论(0)
 看不清?
提交回复
热议问题