Find centralized, trusted content and collaborate around the technologies you use most.
Teams
Q&A for work
Connect and share knowledge within a single location that is structured and easy to search.
function escape_all(&$val){ foreach($val as $key=>$value){ $value = mysql_real_escape_string($value); } }
escape_all($trimmed_user);
不需要的字符仍然没有被转义。我究竟做错了什么?
默认情况下,Foreach 数组不能通过引用工作,您需要告诉它:
function escape_all(&$val){ foreach($val as $key=>&$value){ $value = mysql_real_escape_string($value); } }
还要记住 real_escape_string 需要一个 mysql 连接才能正常工作。