Jump to content


Photo

mysqli_real_escape_string() throwing error


Best Answer Barand, 10 March 2013 - 08:49 PM

Don't connect whenever you run a query - connecting takes about 100 times longer than most queries.

 

Variable scope - $db_con only exists within the function and not available outside.

 

Connect at the beginning of your script than pass the connection to functions that need it via the function parameters

Go to the full post


  • Please log in to reply
4 replies to this topic

#1 n1concepts

n1concepts

    Advanced Member

  • Members
  • PipPipPip
  • 167 posts

Posted 10 March 2013 - 07:48 PM

Hi,

 

Can someone take a look at the two snippets of code and tell me what am I doing wrong to cause the following error?

 

Error: Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, string given....

 

Here's the code (flies - there are two - one the db_connection string and the other the script attempting to perform the insert)

 

<?php
// db connection string that resides in 'includes' folder

function execute($query) {
$db_con = mysqli_connect("localhost","db_user","passxxx");
mysqli_select_db($db_con, "mytable_name");
$res=mysqli_query($db_con,$query) or die(mysqli_error($db_con) . '<br />' . $query) ;
mysqli_close($db_con);
return $res;
}

?>

I know this is the (old) procedure way but I don't have the time to revamp the code to OOP - will update to PDO in coming weeks; for now, i need this set of code to work (if possible).

 

 

 

Now, here's the portion of the code where I want to escape string - giving two as example - which throws the (above) error.

 

<?php

require("includes/db_con.php");

$v1 = $_GET['v1'];\
$v2 = $_GET['v2'];
$v3 = $_GET['v3'];
// I even tried adding mysqli_real_escape_string($db_con,$v1) - as an example here but still error
$v1 = mysqli_real_escape_string(mysqli $db_con,$v1);
-----------

// Below is the function to execute MySQL Insert which pulls from the include file (db_con.php) - this is where i have the 'mysqli_real_ecape_string() defined for $v1, $v2, $v3 currently but still throwing error:

execute("insert into logs (logid,value1,value2,value3) values ('',,'$'".mysqli_real_escape_string($v1).'".mysqli_real_escape_string($v2)."','".mysqli_real_escape_string($v3)."')");

?>

 

Note: I know the syntax is mysqlI_real_escape_string(mysqli $link, string) - when i add 'mysqli $link - code breaks....
Issue: I switched current code from mysql to mysqli and need to launch; once up and running, i plan to go back and revise code to PDO which, I know the prefer choice - just under gun to get up and running so switched to mysqli just in interim.

Any advise to get provided snippet code running where insert possible, much appreciated - thx!


Edited by n1concepts, 10 March 2013 - 07:54 PM.


#2 n1concepts

n1concepts

    Advanced Member

  • Members
  • PipPipPip
  • 167 posts

Posted 10 March 2013 - 08:12 PM

execute("insert into logs (logid,value1,value2,value3) values ('',,'".mysqli_real_escape_string($v1).'","'.mysqli_real_escape_string($v2)."','".mysqli_real_escape_string($v3)."')");

 

I missed a comma between $v1 and $v2 - however the issues still remains: Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given

 

This is starting to bug me as it shouldn't be this difficult - appreciate another set of eyes to identify issue (thx!)



#3 Barand

Barand

    Sen . ( ile || sei )

  • Gurus
  • 13,885 posts
  • LocationCheshire, UK

Posted 10 March 2013 - 08:49 PM   Best Answer

Don't connect whenever you run a query - connecting takes about 100 times longer than most queries.

 

Variable scope - $db_con only exists within the function and not available outside.

 

Connect at the beginning of your script than pass the connection to functions that need it via the function parameters


|baaGrid| easy data tables - and more
|baaChart| easy line, column and pie charts
|baaSelect| generate js and php code for dynamic linked dropdowns

 


#4 n1concepts

n1concepts

    Advanced Member

  • Members
  • PipPipPip
  • 167 posts

Posted 11 March 2013 - 04:12 AM

Barand,

 

Thanks - your point confirmed what I thought (after stepping back and revisiting what i had done).

It wasn't making the connection as you stated - thx!

 

Matter solved - just added the connection string right b4 the escapses and works!



#5 jegans

jegans

    Newbie

  • New Members
  • Pip
  • 1 posts

Posted 01 April 2013 - 07:34 AM

Hi All,

 

I have query problem for the below point, So can some help us on this, as we are trying this one for the past 2 weeks.

 

exclude sunday's and time should start from 8.00Am to 6.00PM in mysql query

 

And The query we have is

 

SELECT B.ProblemID, A.problemID,A.EnclID as A_ENCLID,
B.EnclID as B_EnclID, B.EnclSubmittedTime,
(SPLIT_STR(B.enclname,"_", 1)),
B.EnclComment,B.EnclSubmittedTime,
COALESCE((TIMEDIFF(A.EnclSubmittedTime, B.EnclSubmittedTime))) AS Time_DIFF
FROM TABLE B
LEFT JOIN TABLE A ON B.EnclID < A.EnclID
AND A.problemID = B.ProblemID
and A.enclname not like 'Enclosure%'
where B.enclname not like 'Enclosure%'
and A.EnclSubmittedTime not in (
Give_Me_Dates_Days(1, B.EnclSubmittedTime, A.EnclSubmittedTime)
)
Group by B.ProblemID, B.EnclID
order by B.ProblemID ASC

 

If any quries, please reply to this, we will response you.

 

Thanks In advance.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Cheap Linux VPS from $5
SSD Storage, 30 day Guarantee
1 TB of BW, 100% Network Uptime

AlphaBit.com