pioneerx01 Posted January 30, 2014 Share Posted January 30, 2014 I am starting to work with MySQLi and so far so good. I am having issues with mysqli_real_escape_string in function. if(!function_exists('todatabase')) { function todatabase ($variable) { $variable = mysqli_real_escape_string($variable); return $variable; } } Every time I put something into database I run it through "todatabase" function, but if I have mysqli_real_escape_string in there the function does not execute. I also get no error messages and rest of the code runs to the end smooothly. I tried using: $variable = mysqli_real_escape_string($dbc, $variable); $variable = $dbc->real_escape_string($variable); But it did not work either. What am I missing? Link to comment https://forums.phpfreaks.com/topic/285787-problems-with-function-and-mysqli_real_escape_string/ Share on other sites More sharing options...
doddsey_65 Posted January 30, 2014 Share Posted January 30, 2014 mysqli_real_escape_string requires the database object as a first parameter. Can you show the code which defines $dbc? Also what do you mean by "the function doesnt execute"? What is the input variable and what are you expecting to be returned? Link to comment https://forums.phpfreaks.com/topic/285787-problems-with-function-and-mysqli_real_escape_string/#findComment-1467022 Share on other sites More sharing options...
pioneerx01 Posted January 30, 2014 Author Share Posted January 30, 2014 The connect code is DEFINE ('DBNAME', ''); DEFINE ('DBUSER', ''); DEFINE ('DBHOST', ''); DEFINE ('DBPW', ''); $dbc = mysqli_connect(DBHOST,DBUSER,DBPW,DBNAME); if (mysqli_connect_errno($con)) { echo "Could not connect to the database. <br/>"; exit(); die(); } else { mysqli_set_charset($dbc, "utf8"); } When I do this $dbc->query("UPDATE table SET `first_name` = '".todatabase($first_name)."' WHERE ID = '#' "); first_name remains the same and does not change, no errors though. (errors are not supressed) Link to comment https://forums.phpfreaks.com/topic/285787-problems-with-function-and-mysqli_real_escape_string/#findComment-1467025 Share on other sites More sharing options...
doddsey_65 Posted January 30, 2014 Share Posted January 30, 2014 And what is $first_name? What does it contain? Also, no need to use die() and exit(), they are the same function. Link to comment https://forums.phpfreaks.com/topic/285787-problems-with-function-and-mysqli_real_escape_string/#findComment-1467028 Share on other sites More sharing options...
mac_gyver Posted January 30, 2014 Share Posted January 30, 2014 you need to pass the $dbc variable into the function as a call time parameter. you also need to turn on php's error_reporting/display_errors to get php to help you. you would be getting several php error's when you tried to use $dbc inside the function. lastly, for a user written function, there's no good reason to test if it doesn't exist before defining it. that's just more lines of code to clutter up what you are doing. Link to comment https://forums.phpfreaks.com/topic/285787-problems-with-function-and-mysqli_real_escape_string/#findComment-1467030 Share on other sites More sharing options...
davidannis Posted January 30, 2014 Share Posted January 30, 2014 $dbc->query("UPDATE table SET `first_name` = '".todatabase($first_name)."' WHERE ID = '#' "); is there a record in the database that matches the WHERE clause? Link to comment https://forums.phpfreaks.com/topic/285787-problems-with-function-and-mysqli_real_escape_string/#findComment-1467031 Share on other sites More sharing options...
pioneerx01 Posted January 30, 2014 Author Share Posted January 30, 2014 Oh yes, I could do just that. Why did't I think of that: function todatabase ($dbc, $variable) { $variable = preg_replace('/\s+/', ' ', $variable); $variable = mysqli_real_escape_string($dbc, $variable); return $variable; } $dbc->query("UPDATE table SET `first_name` = '".todatabase($dbc, $first_name)."' WHERE ID = '#' "); Thank you all. Link to comment https://forums.phpfreaks.com/topic/285787-problems-with-function-and-mysqli_real_escape_string/#findComment-1467037 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.