mysql_real_escape_string（）只是让一个空字符串？ [英] mysql_real_escape_string() just makes an empty string?

问题描述

我使用一个jQuery AJAX请求到一个名为页 like.php 连接到我的数据库，并插入一个一行。这是 like.php code：

I am using a jQuery AJAX request to a page called like.php that connects to my database and inserts a row. This is the like.php code:

<?php

// Some config stuff
define(DB_HOST, 'localhost');
define(DB_USER, 'root');
define(DB_PASS, '');
define(DB_NAME, 'quicklike');

$link = mysql_connect(DB_HOST, DB_USER, DB_PASS) or die('ERROR: ' . mysql_error());
$sel = mysql_select_db(DB_NAME, $link) or die('ERROR: ' . mysql_error());

$likeMsg = mysql_real_escape_string(trim($_POST['likeMsg']));
$timeStamp = time();

if(empty($likeMsg))
    die('ERROR: Message is empty');

$sql = "INSERT INTO `likes` (like_message, timestamp)
        VALUES ('$likeMsg', $timeStamp)";

$result = mysql_query($sql, $link) or die('ERROR: ' . mysql_error());

echo mysql_insert_id();

mysql_close($link);

?>

该问题的行是 $ likeMsg = mysql_real_escape_string（修剪（$ _ POST ['likeMsg']））; 。这似乎只是返回一个空字符串，并在我的 like_message 列下的数据库中的所有我看到的是空白项。如果删除 mysql_real_escape_string（）不过，它工作正常。

The problematic line is $likeMsg = mysql_real_escape_string(trim($_POST['likeMsg']));. It seems to just return an empty string, and in my database under the like_message column all I see is blank entries. If I remove mysql_real_escape_string() though, it works fine.

下面是我的jQuery的code。如果它帮助。

Here's my jQuery code if it helps.

$('#like').bind('keydown', function(e) {
    if(e.keyCode == 13) {
        var likeMessage = $('#changer p').html();

        if(likeMessage) {
            $.ajax({
                cache: false,
                url: 'like.php',
                type: 'POST',
                data: { likeMsg: likeMessage },
                success: function(data) {
                    $('#like').unbind();
                    writeLikeButton(data);
                }
            });
        } else {
            $('#button_container').html('');
        }
    }
});

这一切jQuery的code正常工作，我已经独立测试它自己。

All this jQuery code works fine, I've tested it myself independently.

任何帮助是极大的AP preciated，谢谢。

Any help is greatly appreciated, thanks.

推荐答案

您1000％肯定 $ _ POST [likeMsg] 实际上包含了些什么呢？

Are you 1000% sure that $_POST["likeMsg"] actually contains something?

至于 mysql_real_escape_string（）返回空值时，手动说，只有一个的情况，其中，可以发生：

As for mysql_real_escape_string() returning an empty value, the manual says there is only one situation where that can happen:

注：必须使用mysql_real_escape_string（），否则将会生成一条E_WARNING级的错误之前一个MySQL连接，并返回false。如果link_identifier没有定义，所使用的最后MySQL连接。

Note: A MySQL connection is required before using mysql_real_escape_string() otherwise an error of level E_WARNING is generated, and FALSE is returned. If link_identifier isn't defined, the last MySQL connection is used.

但这似乎不是这里的情况，虽然，因为你有一个连接打开。奇怪的。

this doesn't seem to be the case here though, as you do have a connection open. Strange.

这篇关于mysql_real_escape_string（）只是让一个空字符串？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！