mysqli_real_escape_string函数[重复]

This question already has an answer here:

How can I prevent SQL injection in PHP? 28 answers
Reference: What is variable scope, which variables are accessible from where and what are “undefined variable” errors? 3 answers

I am trying to create a shortened mysqli_real_escape_string function

code works when used directly, but get errors when trying to turn into a function

this works perfectly: '''

$conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
$username = $conn->real_escape_string($_GET['user_name']);

''' BUT using the following code: '''

$conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
function cleanstr($cleanval){
    $cleanval= $conn->real_escape_string($cleanval);
    //$cleanval =mysqli_real_escape_string($conn, $cleanval);
    return $cleanval;
}
$username = cleanstr($_GET['user_name']);

''' I get errors:

........................

( ! ) Notice: Undefined variable: conn in C:\wamp64\www\Dataeg\functions.php on line 21
Call Stack
#   Time    Memory  Function    Location
1   0.0004  403064  {main}( )   ...\verify_email.php:0
2   0.1575  420064  cleanstr( ) ...\verify_email.php:10

( ! ) Fatal error: Uncaught Error: Call to a member function real_escape_string() on null in C:\wamp64\www\Dataeg\functions.php on line 21
( ! ) Error: Call to a member function real_escape_string() on null in C:\wamp64\www\Dataeg\functions.php on line 21
Call Stack
#   Time    Memory  Function    Location
1   0.0004  403064  {main}( )   ...\verify_email.php:0
2   0.1575  420064  cleanstr( ) ...\verify_email.php:10

.......................................... Am i doing something wrong, or is there no way to use real_escape_string is in a custom function

</div>