cupaball Posted February 14, 2009 Share Posted February 14, 2009 I have a form that is doing basic insert to a db. My connection is a mysqli, but for some reason when I use the $name = mysql_real_escape_string($_POST[name]); I get these errors: Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) in /home/content/l/o/o/looking4amb/html/beta/PHP/join_mailling.php on line 6 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/content/l/o/o/looking4amb/html/beta/PHP/join_mailling.php on line 6 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) in /home/content/l/o/o/looking4amb/html/beta/PHP/join_mailling.php on line 7 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/content/l/o/o/looking4amb/html/beta/PHP/join_mailling.php on line 7 If if just use $Post [name]; it works fine. Can anyone help? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted February 14, 2009 Share Posted February 14, 2009 If you are using mysqli, why aren't you using the mysqli_real_escape_string() function? Quote Link to comment Share on other sites More sharing options...
bubbasheeko Posted February 14, 2009 Share Posted February 14, 2009 Try: $name = mysqli_real_escape_string($_POST['name']); Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted February 14, 2009 Share Posted February 14, 2009 The correct syntax, from the php manual - string mysqli_real_escape_string ( mysqli $link , string $escapestr ) Quote Link to comment Share on other sites More sharing options...
bubbasheeko Posted February 14, 2009 Share Posted February 14, 2009 Whoops...forgot about that...thanks PF! Quote Link to comment Share on other sites More sharing options...
cupaball Posted February 14, 2009 Author Share Posted February 14, 2009 The correct syntax, from the php manual - string mysqli_real_escape_string ( mysqli $link , string $escapestr ) Thanks, that's the part I didn't understand. I read the php manu, but I am not sure how to write the syntax for the mysqli real escape what is the $link and what is the $escapestr. Would I put the $post in both places? Thanks for you help. You guys are way more help than the folks on the devnetwork forum. Quote Link to comment Share on other sites More sharing options...
Mchl Posted February 14, 2009 Share Posted February 14, 2009 $link is a database connection you made with mysqli_connect $escapestr is string to be escaped. Quote Link to comment Share on other sites More sharing options...
bubbasheeko Posted February 14, 2009 Share Posted February 14, 2009 To further the example by Mchl. Your database connection: $link = mysql_connect ( $hostname, $username, $password ) or trigger_error ( mysql_error(),E_USER_ERROR ); mysql_select_db ( $database ); Your mysqli string: $name = mysql_real_escape_string($link, $_POST[name]); Quote Link to comment Share on other sites More sharing options...
Mchl Posted February 14, 2009 Share Posted February 14, 2009 bubbasheeko: Please don't confuse mysql extension with mysqli extensions. Their syntax is similar but it is NOT the same. You're introducing unnecessary confusion. Quote Link to comment Share on other sites More sharing options...
cupaball Posted February 14, 2009 Author Share Posted February 14, 2009 Thanks, I got it work! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.