mysql_real_escape_string returns an empty string solution -

mysql_real_escape_string returns an empty string solution

This is a common mistake but many people do not realize this function comes from mysql itself, so therefore you need an active mysql connection open.

Usually the string will be empty and null when you call it from outside of the database connection portion of your code.

eg. an example of the wrong way and creating a null/empty string

$var = mysql_real_escape_string($myself)

mysql_connect();

// returns null/empty

As you can see above the escape was called before we connected to the db so that's why it returns empty.

How to fix it (put the escape call after you connect to mysql):

mysql_connect();

$var = mysql_real_escape_string($myself)

 

There realy should be more of a warning from PHP itself because an empty string could cause havoc with database transactions.

Another way the problem can be created:

Sometimes as coders we get too smart and thank "we'll update all of our unescaped data to be escaped and mass replace all functions with sed"

sed -i s/'addslashes('/'mysql_real_escape_string('/g admin.php

A good example is the above, why does it break?  Because as we showed earlier typically most coders will do the string manipulation outside of the database call section.


  • mdadm frozen and doesn't realize array is dead/missing failed due to unplugged drives
  • Unable to mount location Failed to retrieve share list from server: No such file or directory solution
  • mdadm how to make inactive array active
  • ImageMagick how to trim white space automatically in Linux
  • curl: (1) Protocol "https not supported or disabled in libcurl"
  • Centos 5 OpenSSL does not support TLS 1.2 Apache Error
  • DRBD Split-brain solution
  • How to Properly Secure SSL/TLS Apache Settings against Heartbleed Poodle (TLS) Poodle (SSLv3) FREAK BEAST CRIME
  • K9 Mail Android Cannot See or View E-mails Disappear after reading - with Dovecot server. Solution
  • The folder contents could not be displayed connection refused - solution
  • Setting Up System for First Use... Please Wait... - WHMCS Installer
  • ERROR 2013 (HY000): Lost connection to MySQL server during query
  • if script bash check if socket file (mysql.sock) exists
  • ioncube loader install howto on PHP/Centos
  • apc_shm_attach: shmat failed: in Unknown on line 0 & apc_shm_create: shmget(0, 67108864, 914) failed PHP Solution
  • MySQLD Server shutdown remotely unexpectedly
  • cPanel Install Error kernel ipv6 module support solution
  • bash count length of string and characters
  • PayPal Subscription Howto Creation Automatic Payments Manual
  • bind/named rndc: connect failed: 127.0.0.1#953: connection refused (solution)