mysql_real_escape_string returns an empty string solution -

mysql_real_escape_string returns an empty string solution

This is a common mistake but many people do not realize this function comes from mysql itself, so therefore you need an active mysql connection open.

Usually the string will be empty and null when you call it from outside of the database connection portion of your code.

eg. an example of the wrong way and creating a null/empty string

$var = mysql_real_escape_string($myself)

mysql_connect();

// returns null/empty

As you can see above the escape was called before we connected to the db so that's why it returns empty.

How to fix it (put the escape call after you connect to mysql):

mysql_connect();

$var = mysql_real_escape_string($myself)

 

There realy should be more of a warning from PHP itself because an empty string could cause havoc with database transactions.

Another way the problem can be created:

Sometimes as coders we get too smart and thank "we'll update all of our unescaped data to be escaped and mass replace all functions with sed"

sed -i s/'addslashes('/'mysql_real_escape_string('/g admin.php

A good example is the above, why does it break?  Because as we showed earlier typically most coders will do the string manipulation outside of the database call section.


  • bash Linux how to get first or last letters of a word
  • l2tp ipsec VPN Error Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated
  • Centos 5.9 Working Vault Repo file
  • Disable SSH Password Authentication to Increase Security and Harden SSH Linux Unix Server Ubuntu Mint Centos Debian
  • ecryptfs how to mount or recover from a backup
  • Linux bash script to see what connected computers respond to ping
  • rsync specify alternate port non-standard port than 22
  • Centos 6.6/6.9 KVM VM Kernel Panic On Boot - Kernel panic - not syncing: Attempted to kill init!
  • Cannot allocate TUN/TAP dev dynamically - FreeBSD/OpenBSD OpenVPN Client error Solution
  • Linux Mint/Ubuntu/Debian apt how to downgrade a package
  • Ubuntu Linux Mint How To Exclude Stop Package from being Upgraded or Installed
  • Intel NUC Lower Power Green Computing Boxes Review/Comparison of J3160 and J3455 Models
  • How to backup entire computer Linux Mint Ubuntu with tar
  • tar how to ignore failed reads and not exit
  • kdenlive titles/text renders as white screen when using .sh script
  • [1035724.274610] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=62076478 end=62076479) time 102 us, min 894, max 899, scanline start 893, end 900 W: Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin
  • ffmpeg how to watermark and concatenate in one command
  • /usr/bin/ld: cannot find -lboost_system-mt-s /usr/bin/ld: cannot find -lboost_filesystem-mt-s /usr/bin/ld: cannot find -lboost_program_options-mt-s /usr/bin/ld: cannot find -lboost_thread-mt-s collect2: error: ld returned 1 exit status make: *** [cag
  • Wine uninstalled broken on Linux Mint
  • ffmpeg trouble concatenating similar but different files