Put this function mysqli mysqli_real_escape_string

Question

Put this function mysqli mysqli_real_escape_string

Navigation

#1 by (2 votes)

0

I have this function to insert in myqli

function Insertar_Datos() { global $Conectar;
    $Parametros = func_get_args();
            $InDatos = "INSERT INTO '".$Parametros[0]."' (".$Parametros[1].") VALUES (".$Parametros[2].");";
            $RDatos = mysqli_query($Conectar, $InDatos);
            if (!$RDatos) { http_response_code(500); print(mysqli_error($Conectar)); } else { http_response_code(200); echo "ok"; }
     return $RDatos;
}

how to use the function I am using this:

$InuevoArticulo = Insertar_Datos("Tabla" , "'id','nombre'" , "'".mysqli_real_escape_string($Conectar, $_POST['id'])."','".mysqli_real_escape_string($Conectar, $_POST['nombre'])."'");

As you see so far in parameters [2] I put all the code with the real scape bla bla bla ... Would there be any way that in parameters [2] just put $ _POST ['what_is_say'] and write in the insert all the code of mysqli_real_escape_string ($ Connect, ... automatically?

A thousand thanks for your help:)

mysql php

asked by Killpe 27.12.2016 в 21:56

source

1 answer

Uncaught TypeError: json.comunicado.ASUNTO.html is not a function transform number to date

score 2 · Answer 1

In the php official documentation it says that func_get_args () returns an array that It consists of a list of arguments of a function.

If you want to do otherwise, it would be serious to pass parameters to your function or go through Get or post. It depends on you. Example:

By POST:

function Insertar_Datos() { 
    global $Conectar;

    // Digamos que viene de un formulario por post tus valores.
    $id = $_POST['id'];
    $nombre = $_POST['nombre'];

    $InuevoArticulo = Insertar_Datos("Tabla" , "'id','nombre'" , "'".mysqli_real_escape_string($Conectar, $id)."','".mysqli_real_escape_string($Conectar, $nombre)."'");
    $RDatos = mysqli_query($Conectar, $InuevoArticulo);
    if (!$RDatos) { 
        http_response_code(500); 
        print(mysqli_error($Conectar)); 
    }else{ 
         http_response_code(200); 
         echo "ok";
    }
    return $RDatos;
}

Another way would be to pass parameters to your function:

function Insertar_Datos($id, $nombre) { 
    global $Conectar;

    $InuevoArticulo = Insertar_Datos("Tabla" , "'id','nombre'" , "'".mysqli_real_escape_string($Conectar, $id)."','".mysqli_real_escape_string($Conectar, $nombre)."'");
    $RDatos = mysqli_query($Conectar, $InuevoArticulo);
    if (!$RDatos) { 
        http_response_code(500); 
        print(mysqli_error($Conectar)); 
    }else{ 
         http_response_code(200); 
         echo "ok";
    }
    return $RDatos;
}