0
下面的字符串以Gibberish而不是希伯来语到达服务器,请大家帮忙,这是我的代码的样子(我得到了很长的字符串并将每个部分插入到数据库中)? 例如名称insert as; ×××××××דPHP支持希伯来文
<?php
$data_to_server = $_POST['data_to_server'];
$length = $_POST['length'];
$servername = "";
$username = "";
$password = "";
$dbname = "";
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$users_list = $data_to_server;
$users_list = str_replace(array("phone:","name:","event_id:"),array("","",""),$users_list);
//$users_num = 4;
$sql_str = "INSERT INTO invite_list (phone,name,event_id) VALUES ";
for ($i=0; $i<$length; $i++){
$temp_list = "";
$temp_list = substr($users_list, 0, strpos($users_list, '/'));
$users_list = str_replace($temp_list."/","",$users_list);
$sql_str = $sql_str . "(" . $temp_list;
if ($i < $length-1)
$sql_str = $sql_str . "),";
else
$sql_str = $sql_str . ");";
}
$sql = $sql_str;
if ($conn->query($sql) === TRUE) {
echo json_encode(array("Result"=>"success"));
} else {
echo json_encode(array("Result"=>"failed"));
}
$conn->close();
您的查询很容易受到Mysql注入攻击。我建议阅读关于如何使用[准备语句](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) – IsThisJavascript
这仅用于测试,示例 –