I cannot use mysql_* functions after upgrading PHP
I am having few problems with the PHP upgrade. Before, I was using PHP 5.2.0 and below; now I have upgraded to PHP 5.5.0. A few of my snippets are not running as I expected.
Here is one, for example. it says,
Deprecated: mysql_real_escape_string()
I tried mysqli_real_escape_string()
and got another error:
Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in
Here is my code:
<?php
require_once("includes/session.php");
require_once("connections/connection.php");
require_once("includes/functions.php");
?>
<?php
$username = $_POST['username'];
$password = $_POST['password'];
//$hashed_password= md5($password);
?>
<!--Receive username password and authenticate whether the same or not with database one. -->
<?php
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysqli_real_escape_string($username);
$password = mysqli_real_escape_string($password);
?>
<?php
$query = "SELECT *
FROM login
WHERE username = '{$username}'
AND password = '{$password}'
AND status=1";
$result = mysql_query($query);
$count = mysql_num_rows($result);
if($count == 1){
//for the session
$result_fetch= mysql_fetch_array($result);
$_SESSION['user_id']= $result_fetch['id'];
$_SESSION['user_name']= $result_fetch['username'];
session_register("username");
session_register("password");
header("Location: dashboard.php");
exit;
}
else{
echo "The username or password is incorrect.";
}
?>
<?php
//5.Close connection
if(isset($connection)){
mysql_close($connection);
}
?>
mysqli_real_escape_string
needs two arguments to work:
Syntax:
mysqli_real_escape_string($connection,$escapestring);
You need to give it the connection variable. This looks like
$connection=mysqli_connect("host","my_user","my_password","my_db");
You should refresh your PHP knowledge.
An alternative method would be to use a database object so you don’t have to pass in the connection details each time.