Possible en double:
PHP warning help?Problème d'alerte PHP?
Je suis nouveau à php et mysql, je pense que j'égaré le mysqli_real_escape_string() Je continue de recevoir l'avertissement suivant sur la ligne 3.
Attention: mysqli_real_escape_string() attend exactement 2 paramètres, 1 donné en
Voici le code php.
<?php
$page = mysqli_real_escape_string($_SERVER['SCRIPT_FILENAME']);
// Query member data from the database and ready it for display
$mysqli = new mysqli("localhost", "root", "", "sitename");
$dbc = mysqli_query($mysqli,"SELECT id page FROM mysql_counter_logs WHERE page = '$page'");
if (mysqli_num_rows($dbc) == 0) {
$mysqli = new mysqli("localhost", "root", "", "sitename");
$dbc = mysqli_query($mysqli,"INSERT INTO mysql_counter_logs (page) VALUES ('$page')");
}
if ($dbc == 1) {
$dbc = mysqli_query($mysqli,"UPDATE mysql_counter_logs SET hits = hits + 1 WHERE page = '$page'");
}
//Retreives the current count
$count = mysqli_fetch_row(mysqli_query($mysqli,"SELECT hits FROM mysql_counter_logs"));
if (!$dbc) {
// There was an error...do something about it here...
print mysqli_error();
}
//Displays the count on your site
print "$count[0]";
?>
Aussi est-il un moyen que je peux rendre ce code plus de sécurité des attaques XSS. Merci
Où dois-je placer cela? – new
En fait - je ne faisais pas attention. Vous devez alimenter le handle en tant que premier paramètre. –