I'm using mysqli_real_escape_string() on an email address, and it returns an empty string. It does this with any email address.
<?php
//from previous page - submitted by user.
$_POST['email']="aehmlo@aehmlo.com";
$_POST['password']='mypass1234';
//Link, I can verify it works.
$mysql_info=array(
"url"=>"url",
"username"=>"username",
"password"=>"password",
"database"=>"database"
);
$link=mysqli_connect($mysql_info['url'],$mysql_info['username'],$mysql_info['password'],$mysql_info['database']);
//Now I attempt to sanitize the user input.
$email=mysqli_real_escape_string($link,$_POST['email']);
$password=sha1(mysqli_real_escape_string($link,$_POST['password']));
var_dump($email);
var_dump($password);?>
My table's collation is "latin1_swedish_ci".
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…