We're a community of 1077K IT Pros here for help, advice, solutions, professional growth and fun. Join us!
1,076,510 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Start New Discussion Reply to this Discussion
Ad: IT HelpDesk & Customer Support Software
7 Months Ago
0

mysql_real_escape_string() not working on PHP5

hi all,
i am actually working on a project. But the mysql_real_escape_string() is not working on my php5 codes. Can anyone suggest me an alternative to avoid sql injection, plz!

Thank you!

3
Contributors
3
Replies
1 Hour
Discussion Span
7 Months Ago
Last Updated
4
Views
ajay.motah
Newbie Poster
19 posts since Aug 2012
Reputation Points: 0
Solved Threads: 1
Skill Endorsements: 0
7 Months Ago
0

Please show us your code, becuase that function is supposed to work, no matter what! as with all functions, there must be something you are doing wrong.

Vribium
Junior Poster in Training
56 posts since Mar 2011
Reputation Points: 10
Solved Threads: 3
Skill Endorsements: 0
7 Months Ago
0

ok here is the code:

$txtAucName=mysql_real_escape_string($_POST['txtAuction']);

its taking in " '" etc like characters to the db
So can u please suggest a proper way to make sure data is stored correctly to the db and prevert other sql injections.

thank you

ajay.motah
Newbie Poster
19 posts since Aug 2012
Reputation Points: 0
Solved Threads: 1
Skill Endorsements: 0
7 Months Ago
0

What does it echo out?

When you do an echo $txtAucName?

And what is your input?

iamthwee
Posting Genius
6,263 posts since Aug 2005
Reputation Points: 1,567
Solved Threads: 476
Skill Endorsements: 35

This article has been dead for over three months: Start a new discussion instead

Post: Markdown Syntax: Formatting Help
 
You
Web Development > PHP
View similar articles that have also been tagged:
 
© 2013 DaniWeb® LLC
Page rendered in 0.0594 seconds using 2.68MB