skateme Posted September 28, 2008 Share Posted September 28, 2008 I was reading about mysql_escape_strings and how they're much more secure than just calling a variable using $_POST. I tried it out in my code but I always get an error saying: Use of undefined constant 'delete' - assumed 'delete' in .......... on line 9 How do I fix this error? This is my code $delete = mysql_query("delete from mytable where user='".mysql_escape_string($_REQUEST[delete])."'",$c); $delete; To simplify reading, the code is: where user = quote double-quote . mysql_escape_string($_REQUEST[delete]). double-quote quote double-quote I also have another question. How do I store timestamps in my database? When I'm updating/inserting a new entry I just put ' ' for the value of timestamp but it doesn't work. Thanks in advance! Link to comment https://forums.phpfreaks.com/topic/126154-problems-with-mysql_escape_string/ Share on other sites More sharing options...
pocobueno1388 Posted September 28, 2008 Share Posted September 28, 2008 It's mysql_real_escape_string(), not mysql_escape_string(). Try $delete = mysql_query("DELETE FROM mytable WHERE user='".mysql_real_escape_string($_REQUEST['delete'])."'",$c); Also, what is the point of the line below the query? I don't understand why you just have $delete there. Link to comment https://forums.phpfreaks.com/topic/126154-problems-with-mysql_escape_string/#findComment-652386 Share on other sites More sharing options...
skateme Posted September 28, 2008 Author Share Posted September 28, 2008 Thanks for the reply but I got an error: Fatal error: Call to undefined function  mysql_query() in ........... on line 8 When I removed the single quotes from $_REQUEST['delete'] and changed the query to all lowercase, that error was gone. Instead I was left with the original error: Use of undefined constant 'delete' - assumed 'delete' in .......... on line 8 Any ideas? Link to comment https://forums.phpfreaks.com/topic/126154-problems-with-mysql_escape_string/#findComment-652396 Share on other sites More sharing options...
fenway Posted September 29, 2008 Share Posted September 29, 2008 You sure mysql is correctly configured? Link to comment https://forums.phpfreaks.com/topic/126154-problems-with-mysql_escape_string/#findComment-653351 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.