Tuesday, 2 May 2017

php - Uncaught Error: Call to undefined function mysql_escape_string()




Fatal error: Uncaught Error: Call to undefined function mysql_escape_string() in C:\xampp\htdocs\phoenixproject\register.php:16 Stack trace: #0 {main} thrown in C:\xampp\htdocs\phoenixproject\register.php on line 16




How to fix this?



require("config.php");

?>
if(isset($_POST['submit'])){

$email1 = $_POST['email1'];
$email2 = $_POST['email2'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];

if($email1 == $email2) {

if($pass1 == $pass2) {
//All good. Nastavi broo.

$name = mysql_escape_string($_POST['name']);
$lname = mysql_escape_string($_POST['lname']);
$uname = mysql_escape_string($_POST['uname']);
$email1 = mysql_escape_string($email1);
$email2 = mysql_escape_string($email2);
$pass1 = mysql_escape_string($pass1);
$pass2 = mysql_escape_string($pass2);


mysql_query("INSERT INTO `users` (`id`, `name`, `lname`, `uname`, `email`, `pass`) VALUES (NULL, '$name', '$lname', '$uname', '$email1', '$pass1')") or die (mysql_error());



}else{
echo "Sorry, your password is not corrext.";
exit();
}
}else{

echo "Sorry!";
}

} // brace for submit conditional

$form = <<

First Name:

Last Name:

Username:


Email:

Confirm Email:

Password:

Confirm Password:



EOT;
echo $form;

?>



Well I know that I was try to mix mysql and mysqli....


Answer



To help you out here... (too long for a comment)



Your require("config.php"); should contain the following:



Sidenote: Use the proper settings for your host.




$link = mysqli_connect("localhost", "username", "mpassword", "database") or die($link);


Then changing your escape functions to use the mysqli_ version of it and passing the connection parameter to it:



$name = mysqli_real_escape_string($link, $_POST['name']);
$lname = mysqli_real_escape_string($link, $_POST['lname']);
$uname = mysqli_real_escape_string($link, $_POST['uname']);
$email1 = mysqli_real_escape_string($link, $email1);
$email2 = mysqli_real_escape_string($link, $email2);

$pass1 = mysqli_real_escape_string($link, $pass1);
$pass2 = mysqli_real_escape_string($link, $pass2);


Again, same thing for the query. Using the i version and passing connection to it as the first parameter.



mysqli_query($link, "INSERT INTO ...


Check for errors on your query using mysqli_error($link);




So you could modify the query to read as



$query = mysqli_query($link, "INSERT INTO ...


and doing



if(!$query){
echo "Error: " . mysqli_error($link);

}


Also read the following on Stack in regards to API mixing:




  • Can I mix MySQL APIs in PHP?

  • You can't. mysql_ with mysqli_ or PDO etc. do NOT intermix together. You must use the same one from connecting to querying.







Footnotes.



Passwords



I also noticed that you may be storing passwords in plain text. This is not recommended. If you intend on going LIVE with this at some point, do NOT store passwords as plain text in your database.



Consult the following.






Other links:




No comments:

Post a Comment

c++ - Does curly brackets matter for empty constructor?

Those brackets declare an empty, inline constructor. In that case, with them, the constructor does exist, it merely does nothing more than t...