如何传入带有感叹号的变量？ PHP [重复]

I'm working on a database login system in PHP but one of my users has an exclamation mark in his password which breaks it, The line where it says ($password = $_GET['p'];) is where the password gets passed in

$username = $_GET['u'];
$password = $_GET["p"];
function userLoginIpb($username, $password) { //select the password information froms elected user
          $query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT `members_pass_salt`, `members_pass_hash` FROM `members` WHERE `name` = '$username'");
          $results = mysqli_fetch_assoc($query);
          $password = md5(md5($results['members_pass_salt']).md5($password));
          if ($password == $results['members_pass_hash']) {
              return true;
          } else {
              return false;
          }

</div>

The issue is your $_GET[] request, since a ! character will be encoded to %21. Since you're working on the system, do it the correct way instead.

1. Use POST requests, as you don't want the users to copy paste a link with a password in them.
2. Use the new functions in PHP, password_hash() with password_verify() as they have a salt build into them making it quite secure and very easy to work with.
3. Bind values to a SQL string do not blindly put them in there as you are currently open to an easy SQL injection. Adding a password like pass; DROP TABLE members; will break it.

You need to use mysqli_real_escape_string:

<?php

$username = $_GET['u'];
$password = $_GET["p"];

// select the password information froms elected user
function userLoginIpb($username, $password)
{
    global $___mysqli_ston;

    $s = mysqli_real_escape_string($___mysqli_ston, $username);
    $query = mysqli_query($___mysqli_ston, "SELECT `members_pass_salt`, `members_pass_hash` FROM `members` WHERE `name` = '$s'");
    $results = mysqli_fetch_assoc($query);
    $password = md5(md5($results['members_pass_salt']).md5($password));

    return $password == $results['members_pass_hash'];
}

Also take a look at PDO.