标签:
$query = sprintf("SELECT * FROM Users where UserName=‘%s‘ and Password=‘%s‘",mysql_real_escape_string($Username),mysql_real_escape_string($Password)); mysql_query($query); 或是 $db = new mysqli("localhost", "user", "pass", "database"); $stmt = $mysqli -> prepare("SELECT priv FROM testUsers WHERE username=? AND password=?"); $stmt -> bind_param("ss", $user, $pass); $stmt -> execute();
标签:
原文地址:http://www.cnblogs.com/LoveJulin/p/5498188.html
