Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
441 views
in Technique[技术] by (71.8m points)

mysql - I cannot use mysql_* functions after upgrading PHP

I am having few problems with the PHP upgrade. Before, I was using PHP 5.2.0 and below; now I have upgraded to PHP 5.5.0. A few of my snippets are not running as I expected.

Here is one, for example. it says,

Deprecated: mysql_real_escape_string()

I tried mysqli_real_escape_string() and got another error:

Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in

Here is my code:

 <?php 

 require_once("includes/session.php");
  require_once("connections/connection.php"); 
   require_once("includes/functions.php"); 
?> 
<?php
 $username = $_POST['username'];
 $password = $_POST['password'];
 //$hashed_password= md5($password);

?>
<!--Receive username password and authenticate whether the same or not with database one. -->
<?php
 $username = stripslashes($username);
 $password = stripslashes($password);
 $username = mysqli_real_escape_string($username);
 $password = mysqli_real_escape_string($password);

?>

<?php

 $query = "SELECT * 
     FROM login 
     WHERE username = '{$username}' 
     AND password = '{$password}' 
     AND status=1";

 $result = mysql_query($query);
 $count = mysql_num_rows($result);
 if($count == 1){
  //for the session
   $result_fetch= mysql_fetch_array($result);
   $_SESSION['user_id']= $result_fetch['id'];
   $_SESSION['user_name']= $result_fetch['username'];

   session_register("username");
      session_register("password");
   header("Location: dashboard.php");
   exit;
 }
 else{
   echo "The username or password is incorrect."; 
 }
?>


<?php
 //5.Close connection
 if(isset($connection)){
  mysql_close($connection);
 }

?>
See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

mysqli_real_escape_string needs two arguments to work:

Syntax:

mysqli_real_escape_string($connection,$escapestring);

You need to give it the connection variable. This looks like

$connection=mysqli_connect("host","my_user","my_password","my_db");

You should refresh your PHP knowledge.

An alternative method would be to use a database object so you don’t have to pass in the connection details each time.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...