mysql_real_escape_string returns an empty string solution -

mysql_real_escape_string returns an empty string solution

This is a common mistake but many people do not realize this function comes from mysql itself, so therefore you need an active mysql connection open.

Usually the string will be empty and null when you call it from outside of the database connection portion of your code.

eg. an example of the wrong way and creating a null/empty string

$var = mysql_real_escape_string($myself)

mysql_connect();

// returns null/empty

As you can see above the escape was called before we connected to the db so that's why it returns empty.

How to fix it (put the escape call after you connect to mysql):

mysql_connect();

$var = mysql_real_escape_string($myself)

 

There realy should be more of a warning from PHP itself because an empty string could cause havoc with database transactions.

Another way the problem can be created:

Sometimes as coders we get too smart and thank "we'll update all of our unescaped data to be escaped and mass replace all functions with sed"

sed -i s/'addslashes('/'mysql_real_escape_string('/g admin.php

A good example is the above, why does it break?  Because as we showed earlier typically most coders will do the string manipulation outside of the database call section.


  • MySQL Adding New Field to Existing Database Table
  • MySQL Cannot Update/Write to any database table solution
  • Centos How To Update to Glibc 2.14 Plus
  • php remove last letters of string
  • MySQL Maximum INT Size Truncation Issue/Warning
  • MySQL How To Add New Field Column To Existing Table
  • mysql how to reset passwords with a few commands
  • htaccess apache how deny/allow to block or allow by IP address
  • PHP geoip.so fatal error Solution
  • Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file: No such file or direct
  • GCC 5 on Centos 6 - How To Install
  • bash find line and replace howto
  • How To Create Apache htpasswd file
  • possible SYN flooding on ctid 42131, port 80. Sending cookies. - Solution
  • Linux last command show login by IP instead of hostname
  • Install Windows From a Linux TFTP Server instead of using WDS Solution
  • How To Secure Samba NMBD/SMBD to bind to a specific IP address
  • tftp: client does not accept options - solution if you are using UEFI PXEBoot disable it!
  • Linux how to view video card make and exact model
  • Authentication refused: bad ownership or modes for directory /home/user SSH Public Key Authentication Failed Solution