0
Function.php警告:mysqli_real_escape_string()期望的是2个参数,1
/*Cleans an array to protect against injection attacks.*/
function f_clean($array) {
return array_map('mysqli_real_escape_string', $array);
}
process.php:形成用户将数据插入是清洁SQL注入
/*This cleans our &_POST array to prevent against SQL injection attacks.*/
$_POST = f_clean($_POST);