TalkPHP - View Single Post

9three · 10-23-2008, 06:12 PM

I'm setting up a client log in system and im trying to escape strings so that special characters dont create an error. But I know im doing it wrong, and the manual isn't really helping

PHP Code:


			
$query = "SELECT url FROM authorized_clients
          WHERE name = '$name' AND password = '$password'", $cnx->escape_string($clientID);

the $cnx->escape_string($clientID) part. I don't even know if I'm putting it in the right place.

edit:

this is the part where i define $cnx and clientID

PHP Code:


			
session_start();
if (isset($_SESSION['clientID'])){

$clientID = (Integer)$_SESSION['clientID'];

//Connect to MySQL
$cnx = mysqli_connect('localhost', 'username', 'password');
if (!cnx){
    exit('<p>Error: Unable to connect to MySQL');
}

10-23-2008, 06:12 PM	#1 (permalink)
9three The Contributor Join Date: Oct 2008 Posts: 75 Thanks: 4	escape strings I'm setting up a client log in system and im trying to escape strings so that special characters dont create an error. But I know im doing it wrong, and the manual isn't really helping PHP Code: `$query = "SELECT url FROM authorized_clients WHERE name = '$name' AND password = '$password'", $cnx->escape_string($clientID);` the $cnx->escape_string($clientID) part. I don't even know if I'm putting it in the right place. edit: this is the part where i define $cnx and clientID PHP Code: `session_start(); if (isset($_SESSION['clientID'])){ $clientID = (Integer)$_SESSION['clientID']; //Connect to MySQL $cnx = mysqli_connect('localhost', 'username', 'password'); if (!cnx){ exit('<p>Error: Unable to connect to MySQL'); }`