mysql_real_escape_string(): 数据库插入中拒绝访问
mysql_real_escape_string(): Access denied in DB insert
我正在尝试在 PHP 5.6 及更高版本上使用旧版 MediaWiki 扩展,但在插入数据库时失败了。
是的,这不是重复的,因为代码不同。
完整的错误是:
Warning: mysql_real_escape_string(): Access denied for user
''@'localhost' (using password: NO)
我尝试更改为 mysqli_real_escape_string 但后来我有:
mysqli_real_escape_string() expects exactly 2 parameters, 1 given on
line 235
函数如下:
function Lookup_addLookup ($url, $name, $group)
{
$dbw = wfGetDB(DB_MASTER);
$groupOrder = Lookup_getGroupOrder($group);
$dbw->query ("INSERT INTO ".Lookup_prefix()."lookups (lu_name, lu_url, lu_group, lu_order, lu_group_order) VALUES ('".mysql_real_escape_string($name)."', '".mysql_real_escape_string($url)."', '".mysql_real_escape_string($group)."', 1, $groupOrder)");
Lookup_reOrderGroups();
return true;
}
再往下还有一个:
function Lookup_moveGroupUp($group)
{
$dbw = wfGetDB(DB_MASTER);
$dbw->query ("UPDATE ".Lookup_prefix()."lookups SET lu_group_order = 0 WHERE lu_group = '".mysqli_real_escape_string($group)."'");
Lookup_reOrderGroups();
return true;
}
mysqli_real_escape_string() 需要数据库 link 作为第一个参数,这就是它不起作用的原因。
然而,MediaWiki wants us to avoid direct queries, so it has the $dbw->insert() method instead, one of several wrapper functions.
使用这样的东西:
function Lookup_addLookup ($url, $name, $group)
{
$dbw = wfGetDB(DB_MASTER);
$groupOrder = Lookup_getGroupOrder($group);
$dbw->insert(
Lookup_prefix()."lookups",
array(
'lu_name' => $name,
'lu_url' => $url,
'lu_group' => $group,
'lu_order' => 1,
'lu_group_order' => $groupOrder
)
);
Lookup_reOrderGroups();
return true;
}
在第二个例子中,使用$dbw->update():
function Lookup_moveGroupUp($group)
{
$dbw = wfGetDB(DB_MASTER);
$dbw->update(
Lookup_prefix()."lookups",
array(
"lu_group_order" => 0
),
array(
"lu_group" => $group
)
);
Lookup_reOrderGroups();
return true;
}
有关更多信息和其他 SQL 包装器,请阅读 different wrapper functions and their documentation。
我正在尝试在 PHP 5.6 及更高版本上使用旧版 MediaWiki 扩展,但在插入数据库时失败了。
是的,这不是重复的,因为代码不同。
完整的错误是:
Warning: mysql_real_escape_string(): Access denied for user ''@'localhost' (using password: NO)
我尝试更改为 mysqli_real_escape_string 但后来我有:
mysqli_real_escape_string() expects exactly 2 parameters, 1 given on line 235
函数如下:
function Lookup_addLookup ($url, $name, $group)
{
$dbw = wfGetDB(DB_MASTER);
$groupOrder = Lookup_getGroupOrder($group);
$dbw->query ("INSERT INTO ".Lookup_prefix()."lookups (lu_name, lu_url, lu_group, lu_order, lu_group_order) VALUES ('".mysql_real_escape_string($name)."', '".mysql_real_escape_string($url)."', '".mysql_real_escape_string($group)."', 1, $groupOrder)");
Lookup_reOrderGroups();
return true;
}
再往下还有一个:
function Lookup_moveGroupUp($group)
{
$dbw = wfGetDB(DB_MASTER);
$dbw->query ("UPDATE ".Lookup_prefix()."lookups SET lu_group_order = 0 WHERE lu_group = '".mysqli_real_escape_string($group)."'");
Lookup_reOrderGroups();
return true;
}
mysqli_real_escape_string() 需要数据库 link 作为第一个参数,这就是它不起作用的原因。
然而,MediaWiki wants us to avoid direct queries, so it has the $dbw->insert() method instead, one of several wrapper functions.
使用这样的东西:
function Lookup_addLookup ($url, $name, $group)
{
$dbw = wfGetDB(DB_MASTER);
$groupOrder = Lookup_getGroupOrder($group);
$dbw->insert(
Lookup_prefix()."lookups",
array(
'lu_name' => $name,
'lu_url' => $url,
'lu_group' => $group,
'lu_order' => 1,
'lu_group_order' => $groupOrder
)
);
Lookup_reOrderGroups();
return true;
}
在第二个例子中,使用$dbw->update():
function Lookup_moveGroupUp($group)
{
$dbw = wfGetDB(DB_MASTER);
$dbw->update(
Lookup_prefix()."lookups",
array(
"lu_group_order" => 0
),
array(
"lu_group" => $group
)
);
Lookup_reOrderGroups();
return true;
}
有关更多信息和其他 SQL 包装器,请阅读 different wrapper functions and their documentation。