mysql_real_escape_string($value) not working
Question
im trying to prevent sql injection with
mysql_real_escape_string($value)
here is my code, but it seem that i get a null value ,
$this->name_safe = mysqli_real_escape_string($this->name,$this->link);
$this->query = "INSERT INTO student (complete_name, date_birth, gender, email, student_status)
VALUES ( '$this->name_safe', '$this->date', '$this->gender', '$this->email_1', 'current')";
? thx
1 answers
solution1
2 ACCPTED 2011-03-23 01:34:54
You have your function arguments in the wrong order. DB link comes first, then the string to escape.
http://php.net/mysqli_real_escape_string
mysqli_real_escape_string($this->link, $this->name)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
mysql_real_escape_string() not working in cakePHP
mysql_real_escape_string not working?
mysql_real_escape_string function not working
mysql_real_escape_string not working
mysql_real_escape_string is not working
mysql_real_escape_string not working on windows
mysql_real_escape_string and ’
MySQL PHP mysql_real_escape_string() - is this value not a string?
mysql_real_escape_string working perfectly in localhost, not working online
mysql_real_escape_string does not escape "
Related Tags