PHP mysql_real_escape_string 返回空字符串

场景三。波洛尼尔斯家里的一个房间。

Enter LAERTES and OPHELIA 

雷尔提斯

My necessaries are embark'd: farewell:
And, sister, as the winds give benefit
And convoy is assistant, do not sleep,
But let me hear from you.

奥菲莉亚

Do you doubt that?

雷尔提斯

For Hamlet and the trifling of his favour,
Hold it a fashion and a toy in blood,
A violet in the youth of primy nature,
Forward, not permanent, sweet, not lasting,
The perfume and suppliance of a minute; No more.

奥菲莉亚

No more but so?

雷尔提斯

Think it no more;
For nature, crescent, does not grow alone
In thews and bulk, but, as this temple waxes,
The inward service of the mind and soul
Grows wide withal. Perhaps he loves you now,
And now no soil nor cautel doth besmirch
The virtue of his will: but you must fear,
His greatness weigh'd, his will is not his own;
For he himself is subject to his birth:
He may not, as unvalued persons do,
Carve for himself; for on his choice depends
The safety and health of this whole state;
And therefore must his choice be circumscribed
Unto the voice and yielding of that body
Whereof he is the head. Then if he says he loves you,
It fits your wisdom so far to believe it
As he in his particular act and place
May give his saying deed; which is no further
Than the main voice of Denmark goes withal.
Then weigh what loss your honour may sustain,
If with too credent ear you list his songs,
Or lose your heart, or your chaste treasure open
To his unmaster'd importunity.
Fear it, Ophelia, fear it, my dear sister,
And keep you in the rear of your affection,
Out of the shot and danger of desire.
The chariest maid is prodigal enough,
If she unmask her beauty to the moon:
Virtue itself 'scapes not calumnious strokes:
The canker galls the infants of the spring,
Too oft before their buttons be disclosed,
And in the morn and liquid dew of youth
Contagious blastments are most imminent.
Be wary then; best safety lies in fear:
Youth to itself rebels, though none else near.

参见 PHP 文档 http://php.net/manual/en/function.mysql-real-escape-string.php

MySQL 连接。如果未指定链接标识符，则假定为 mysql_connect() 打开的最后一个链接。如果没有找到这样的链接，它将尝试创建一个，就像不带参数调用 mysql_connect() 一样。如果未找到或建立连接，则会生成 E_WARNING 级别错误。

这意味着您需要有效连接才能使用此功能

如果您没有看到任何错误，请尝试

error_reporting(E_ALL);
ini_set('display_errors','On');

mysql_real_escape_string

使用

  $escaped = htmlspecialchars($_GET['value'], ENT_QUOTES, "ISO-8859-1");

或

   $escaped = filter_var($_GET['value'], FILTER_SANITIZE_STRING);     

您会得到任何空字符串，因为该函数采用两个参数；与数据库的实际连接，然后是字符串。使用这个：

$sanitizedField = mysqli_real_escape_string($connection, $field);

“此扩展自 PHP 5.5.0 起已弃用，并将在将来删除。相反，应使用 MySQLi 或 PDO_MySQL 扩展。”来自 http://php.net/manual/en/function.mysql-real-escape-string.php

简单地在函数名称中添加“i”并不是解决方案。请注意，链接标识符参数不再是可选的 http://www.php.net/manual/en/mysqli.real-escape-string.php

PS：至于否决票，我坚持我的答案。问题中的函数将从 PHP 中删除，这是一件大事，我觉得有必要指出这一点，因为没有其他人提到它。你不同意吗？原始问题的细节很重要，但很多人（包括我自己）来这里寻找有关 mysql_real_escape_string() 的信息，在寻找有关 mysql_real_escape_string() 的信息时，您应该意识到的第一件事是它已被弃用。系统管理员迟早必须升级 PHP，毫无疑问大量应用程序仍在使用这个已弃用的函数。

我们也面临同样的问题。 mysql_real_escape_string 可以在我们的开发 Linux 系统上运行，但不能在测试台上运行。我们想知道为什么它在我们的系统上工作，而不是在测试台上工作，即使所有 php rpm 都是相同的版本。参考PHP文档后，发现在调用mysql_real_escape_string之前必须主动连接到MySQL。如果没有活动连接，则 PHP 在内部尝试使用默认参数连接到 MySQL。当 PHP 在内部尝试连接到我们的开发机器上的数据库时，它可以工作，但在我们的测试台上失败，并导致调用 mysql_real_escape_string 的响应为空。在 mysql_real_escape_string() 之前添加对 mysql_connect() 的调用后，我们的问题得到了解决。

下面是我们运行mysql命令时出现的错误，在我们的开发机器上没有看到这个错误，并且命令成功连接到数据库服务器。 错误 1045 (28000)：用户“root”@“localhost”的访问被拒绝（使用密码：NO）

结论是我们必须在调用mysql_real_escape_string之前显式连接到mysql。 php 连接到数据库的内部尝试可以在某些系统上工作，但在某些其他系统上失败，具体取决于安全级别或登录凭据。

@jeroen 似乎解释了这一点。虽然它应该在不连接到本地服务器上的数据库的情况下工作（很多事情都是这样工作的），但它不会在网络服务器上工作，除非你在 mysql_rea 之前连接到数据库......我刚刚尝试过它并且它工作了。这就是为什么他赢得了我的选票