mysqli_real_escape_string not working properly
Question
I've searched and yet nothing I find seems to work.
My problem is that when using special characters as ' the input query breaks. Now, I tried using the mysqli_real_escape_string on my string, but this returns a blank value. I read that the mysqli_real_escape_string should be placed AFTER the database connection, and as far as I know, that is what I have done, yet it returns blank values.
Here's the code:
<?php
session_start();
if (isset($_POST['submit'])) {
require_once 'connect.php';
$title = mysqli_real_escape_string($_POST['title']);
$article = mysqli_real_escape_string($_POST['article']);
$query = "INSERT INTO Articles
(Title, content)
VALUES
('$title', '$article')";
$result = mysqli_query($connect, $query) or die('could not query database');
$_SESSION['artcle'] = 1;
$_SESSION['artcle'] = $title;
mysqli_close($connect);
header('Location: CENSORED');
}
?>
2 answers
solution1
1 ACCPTED 2013-01-10 02:05:28
You forgot your resource parameter:
$title = mysqli_real_escape_string($connect, $_POST['title']);
solution2
0 2019-08-30 04:42:05
要么
$title = $connect->real_escape_string($_POST['title']);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
mysqli_real_escape_string in function, not working?
mysqli_real_escape_string not working
mysqli_real_escape_string not working correctly
mysqli_real_escape_string not working?
mysqli connection not working with mysqli_real_escape_string
mysqli_real_escape_string() isn't functioning properly
How to properly use mysqli_real_escape_string
mysqli_real_escape_string mysqli link?
mySQLI - problem with mysqli_real_escape_string
mysqli_real_escape_string Not working inside array_map
Related Tags