[SOLVED] mysql_real_escape_string problem

[AdRock]

I have been rewriting my website and I have got a problem with validating user input.

 

I am trying to check against sql injection using mysql_real_escape_string which i have done before but it's not working properly now

 

The errors i am getting are these:

Access denied for user: 'ODBC@localhost' (Using password: NO) in d:\\Apache\\htdocs\\copy of working\\php\\functions.php on line 262

PHP Warning:  mysql_real_escape_string()  Access denied for user: 'ODBC@localhost' (Using password: NO) in d:\\Apache\\htdocs\\copy of working\\php\\functions.php on line 262

PHP Warning:  mysql_real_escape_string()  A link to the server could not be established in d:\\Apache\\htdocs\\copy of working\\php\\functions.php on line 262

 

Here is the function is question

// Function to check user input on the form such as prevent sql injection

function check_input($value)
{
    // Stripslashes
    if (get_magic_quotes_gpc()){
	$value = stripslashes($value);
    }
    // Quote if not a number
    if (!is_numeric($value)){
	$value = mysql_real_escape_string($value);
    }
    return $value;
}

 

There is a connection to the database becuase i call the database functions at the top of the page

 

This is the top part of the page which checks user input

<?php
require_once('php/database/MySQL.php');
require_once('php/database/connection.php');
require_once('php/init.php');
    /**
    * forgotpassword.php is the the page that takes validated values from a form, passing them
    * to the forgot_password function, to create a new password and email it to the user.
    */
    // The title of the page
    $title = "Forgotten Password Recovery";

    // Include the validation classes
    require_once('php/validators/ValidateEmail.php');
    require_once('php/validators/ValidateCaptcha.php');

$useremail ="";

    // Validate the form
    if ( isset ($_POST['recover']) ) {


    	//variables for checking the user's email
    	$email = check_input(trim(strtolower($_POST['email'])));

Any ideas why it's doing this?

 

[Mchl]

db connection resource is not available within a function. Add

global $mysql;  //or whatever your dbconnection is called

as the first line in function.

[trq]

db connection resource is not available within a function. Add

global $mysql;  //or whatever your dbconnection is called

as the first line in function.

 

You do not need to specify a connection, the last open connection is used by default.

 

Your connection appears to be failing. Id start debuging there first.

[Mchl]

I'm too used to mysqli now to remember that :/

[AdRock]

What is really strange is that the connection outputs other content from the database on the page.  It's just when i try to validate user input.

 

Any suggestions where to start debugging?

[trq]

Line 262 of functions.php

[trq]

You need to make sure that your check_input() function declaration occurs after a valid connection has been made.

[AdRock]

Sorted....thanks