当我将代码移至另一台服务器时,mysql_real_escape_string停止工作 [英] mysql_real_escape_string stopped working when I moved my code to another server
问题描述
下面的代码在我的本地xampp安装(Windows 7)中可以很好地工作,但是当我将其移植到Win2K8 R2服务器时,mysql_real_escape_string件不起作用.当我注释掉时,它工作正常.我很确定这与php.ini文件有关,但无法查明它是什么.也许从一开始我的代码应该写得不同.
The following code works perfectly fine in my local xampp installation (Windows 7), but when I ported it over to a Win2K8 R2 server, the mysql_real_escape_string piece does not work. When I comment it out, it works fine. I am pretty sure this has something to do with the php.ini file but cannot pinpoint what it is. Perhaps my code should have been written differently to begin with.
function add_asset($asset_type_ID, $org_ID, $asset_desc, $asset_cost, $asset_value, $purchase_date) {
global $db;
$asset_desc = mysql_real_escape_string($asset_desc);
$query = "INSERT INTO assets
(asset_ID, asset_type_ID, org_ID, asset_desc, asset_cost, asset_value, purchase_date)
VALUES
(DEFAULT, '$asset_type_ID', '$org_ID', '$asset_desc', '$asset_cost', '$asset_value', '$purchase_date')";
$add_asset = $db->exec($query);
$last_asset_ID = $db->lastInsertId();
return $last_asset_ID;
具体来说,当记录输入mysql时,asset_desc字段为空白.
Specifically, when the record gets entered into mysql, the asset_desc field is blank.
谢谢!
更新:浏览完PHP错误日志后,我发现了以下内容:
UPDATE: After looking through the PHP error log, I found the following:
[ function.mysql-real-escape-string ]:拒绝访问用户"@'localhost"(使用密码:否)
[function.mysql-real-escape-string]: Access denied for user ''@'localhost' (using password: NO)
推荐答案
看起来像您用来连接到开发系统上的数据库的任何凭据在服务器上都失败了.
Looks like whatever credentials you are using to connect to the database on your dev system are failing on your server.
mysql_real_escape_string()需要活动的MySQL连接才能正常工作;如果您未连接到数据库,它将失败.
mysql_real_escape_string() requires an active MySQL connection in order for it to work correctly; if you aren't connected to the database, it will fail.
-
检查代码中您在何处调用
mysql_connect();从错误消息中,您的开发系统似乎依赖于 Mysql扩展的运行时默认值.
Check wherever in your code you are calling
mysql_connect(); from the error message, it seems like your dev system is relying on the runtime default values for the Mysql extension.
或者,服务器系统上的mysql_real_escape_string()可能无法访问连接资源.从 mysql_real_escape_string() (重点是我)的文档中:
Alternatively, the connection resource might not be accessible to mysql_real_escape_string() on the server's system. From the documentation for mysql_real_escape_string() (emphasis mine):
link_identifier
MySQL连接.如果未指定链接标识符,则假定由
mysql_connect()打开的最后一个链接. 如果未找到此类链接,它将尝试创建一个没有任何参数的调用mysql_connect()的链接.如果未找到或未建立连接,则会生成E_WARNING级别错误.
link_identifier
The MySQL connection. If the link identifier is not specified, the last link opened by
mysql_connect()is assumed. If no such link is found, it will try to create one as ifmysql_connect()was called with no arguments. If no connection is found or established, an E_WARNING level error is generated.
也许您的开发服务器可能已配置为不带任何参数调用mysql_connect()确实建立了与MySQL数据库服务器的连接.造成这种情况的最可能原因是开发MySQL服务器允许匿名连接,或者php.ini指定了有效的默认凭据.
Perhaps it's possible that your dev server is configured such that calling mysql_connect() with no arguments does establish a connection to the MySQL database server. The most likely reasons for this are either dev MySQL server allows anonymous connections, or php.ini specifies valid default credentials.
但是,这在生产上失败,很可能是因为生产MySQL服务器不允许匿名连接,并且在php.ini中未指定默认凭据.
However, this fails on production, most likely because the production MySQL server does not allow anonymous connections, and no default credentials are specified in php.ini.
检查您的代码,以了解在没有先调用mysql_connect()的情况下可以到达mysql_real_escape_string()的调用的情况(请注意,与
Check over your code for situations where it is possible to arrive at the call to mysql_real_escape_string() without mysql_connect() getting called first (note that establishing a connection with PDO doesn't count in this case).
由于使用的是PDO,请考虑切换到已准备的语句,该操作将会完全不需要mysql_real_escape_string().
Since you're using PDO, consider switching to prepared statements, which will eliminate the need for mysql_real_escape_string() entirely.
这篇关于当我将代码移至另一台服务器时,mysql_real_escape_string停止工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
