mysql_real_escape_string returns an empty string solution -

mysql_real_escape_string returns an empty string solution

This is a common mistake but many people do not realize this function comes from mysql itself, so therefore you need an active mysql connection open.

Usually the string will be empty and null when you call it from outside of the database connection portion of your code.

eg. an example of the wrong way and creating a null/empty string

$var = mysql_real_escape_string($myself)

mysql_connect();

// returns null/empty

As you can see above the escape was called before we connected to the db so that's why it returns empty.

How to fix it (put the escape call after you connect to mysql):

mysql_connect();

$var = mysql_real_escape_string($myself)

 

There realy should be more of a warning from PHP itself because an empty string could cause havoc with database transactions.

Another way the problem can be created:

Sometimes as coders we get too smart and thank "we'll update all of our unescaped data to be escaped and mass replace all functions with sed"

sed -i s/'addslashes('/'mysql_real_escape_string('/g admin.php

A good example is the above, why does it break?  Because as we showed earlier typically most coders will do the string manipulation outside of the database call section.


  • /usr/bin/ld: cannot find -lboost_system-mt-s /usr/bin/ld: cannot find -lboost_filesystem-mt-s /usr/bin/ld: cannot find -lboost_program_options-mt-s /usr/bin/ld: cannot find -lboost_thread-mt-s collect2: error: ld returned 1 exit status make: *** [cag
  • Wine uninstalled broken on Linux Mint
  • ffmpeg trouble concatenating similar but different files
  • ffmpeg Unable to Use Hardware Encoding with Nvidia 3.40 Driver and GT210 card
  • Linux Mint USB Kernel Tainted and Locked Port/Dev File
  • ffmpeg Linux Mint download, compile and install howto
  • OpenVZ error : Container start failed (try to check kernel messages, e.g. "dmesg | tail") Locked by: pid 166638, cmdline vzctl start 888171
  • How to extract view contents of initramfs image gzip'd
  • Linux how to copy GPT partition table with dd
  • Centos 7 How To Change Hostname
  • Debian/Mint/Ubuntu Font Packs/Recommended To Install
  • Migrate Centos 7 from Single HDD to mdadm RAID 10 array:
  • How to change reserved blocks in Linux partition
  • Reading package lists... Done W: GPG error: http://ppa.launchpad.net trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY D46F45428842CE5E
  • Centos 7 A start job is running for dev-mapper-clx2droot.device (8min 44s / no limit)
  • USB 3.0 External HDD Enclosure Seagate UAS problems - [sdd] tag#1 CDB: Write(16) 8a 00 00 00 00 01 70 04 08 68 00 00 00 08 00 00
  • Centos 7 Cudaminer Nvidia setup guide
  • USB 3.0 PCI x1 Card Review VIA VL805 on Linux Review and Experience
  • rsync run as root sudo without password
  • Why won't my Linux Mint boot after I manually installed a new kernel?