TalkPHP

TalkPHP (http://www.talkphp.com/forums.php)
-   General (http://www.talkphp.com/general/)
-   -   mysql_real_escape_string? (http://www.talkphp.com/general/3935-mysql_real_escape_string.html)

nefus 02-03-2009 07:50 PM
mysql_real_escape_string?
 
Heya guys. I am truly puzzled by mysql_real_escape_string.

From what I understand you need to make a database connection before the function will work. I think that I'm doing this.
Code:
$link = mysqli_connect( $sql_server, $sql_user , $sql_password ) or die ('Unable to connect to server.'. mysqli_error());

mysqli_select_db( $link, $sql_database ) or die ('Unable to select database.'. mysqli_error());

$username        = mysql_real_escape_string($username, $link);
$password        = mysql_real_escape_string($password);
The $username line gives me error:
Warning: mysql_real_escape_string() expects parameter 2 to be resource...

The $password line gives me another error.
Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'ODBC'@'localhost' (using password: NO) in...

I would think one of these would work, suggestions??

Krik 02-03-2009 08:09 PM
Not sure if this is relevant but on the second error with the password that reference to ODBC makes me wonder if you are using a sql database at all. And in particular a MySQL database.

Village Idiot 02-03-2009 08:38 PM
Both errors would suggest that the MySql connection is invalid.

nefus 02-03-2009 08:55 PM
Actually a quick test without the mysql_real_escape_string() demonstrated that it worked fine. Data was injected correctly into the database.

nefus 02-03-2009 09:07 PM
Well, I found the problem.

It should be:
$username = mysqli_real_escape_string($link, $username);

Not:
$username = mysql_real_escape_string($username, $link);

The first statements were mysqli so that was a mistake on my part. The odd thing is that $link comes first with mysqli and second with mysql.

Village Idiot 02-04-2009 12:23 AM
It might be to make sure you can't accidentally pass one off as the other because they look almost identical.

Wildhoney 02-04-2009 01:47 AM
Do you have to specify the link in most of the mysqli_ functions? My thinking is that MySQLi has the link parameter first because that is essential for MySQLi to work correctly. In the mysql_ functions it didn't matter too much if you didn't specify the link because if only one connection was open, then that was obviously the default.

My question, why is the link parameter essential for MySQLi?

Salathe 02-04-2009 10:50 AM
My question, why use the global functions when the OO approach is much prettier?

Rainman 02-19-2013 05:25 AM
Welcome to mmoggg website to buy RS Gold, offer a lot, of course, Diablo 3 Gold and Cheap RS Gold, to be purchased at any time, at any time shipment, and Diablo 3 Gold Kaufen look forward to your visit!


All times are GMT. The time now is 10:33 AM.

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.1.0