douge3492 2016-01-05 14:30
浏览 620
已采纳

未捕获的错误:调用未定义的函数mysql_escape_string()

Fatal error: Uncaught Error: Call to undefined function mysql_escape_string() in C:\xampp\htdocs\phoenixprojectegister.php:16 Stack trace: #0 {main} thrown in C:\xampp\htdocs\phoenixprojectegister.php on line 16

How to fix this?

<?php
require("config.php");
?>
<?php
if(isset($_POST['submit'])){

$email1 = $_POST['email1'];
$email2 = $_POST['email2'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];

if($email1 == $email2) {
    if($pass1 == $pass2) {
//All good. Nastavi broo.

$name = mysql_escape_string($_POST['name']);
$lname = mysql_escape_string($_POST['lname']);
$uname = mysql_escape_string($_POST['uname']);
$email1 = mysql_escape_string($email1);
$email2 = mysql_escape_string($email2);
$pass1 = mysql_escape_string($pass1);
$pass2 = mysql_escape_string($pass2);

mysql_query("INSERT INTO `users` (`id`, `name`, `lname`, `uname`, `email`, `pass`) VALUES (NULL, '$name', '$lname', '$uname', '$email1', '$pass1')") or die (mysql_error());



}else{
  echo "Sorry, your password is not corrext.";
  exit();
}
}else{
  echo "Sorry!";
}

} // brace for submit conditional

$form = <<<EOT
<form action="register.php" method="POST">
First Name: <input type="text" name="name" /></br>
Last Name: <input type="text" name="lname" /></br>
Username: <input type="text" name="uname" /></br>
Email: <input type="text" name="email1" /></br>
Confirm Email: <input type="text" name="email2" /></br>
Password: <input type="password" name="pass1" /></br>
Confirm Password: <input type="password" name="pass2" /></br>
<input type="submit" value="Register" name="submit" />
</form>
EOT;
echo $form;

?>

Well I know that I was try to mix mysql and mysqli....

  • 写回答

4条回答 默认 最新

  • dsour68888 2016-01-05 14:53
    关注

    To help you out here... (too long for a comment)

    Your require("config.php"); should contain the following:

    Sidenote: Use the proper settings for your host.

    $link = mysqli_connect("localhost", "username", "mpassword", "database") or die($link);

    Then changing your escape functions to use the mysqli_ version of it and passing the connection parameter to it:

    $name = mysqli_real_escape_string($link, $_POST['name']);
$lname = mysqli_real_escape_string($link, $_POST['lname']);
$uname = mysqli_real_escape_string($link, $_POST['uname']);
$email1 = mysqli_real_escape_string($link, $email1);
$email2 = mysqli_real_escape_string($link, $email2);
$pass1 = mysqli_real_escape_string($link, $pass1);
$pass2 = mysqli_real_escape_string($link, $pass2);

    Again, same thing for the query. Using the i version and passing connection to it as the first parameter.

    mysqli_query($link, "INSERT INTO ...

    Check for errors on your query using mysqli_error($link);

    So you could modify the query to read as

    $query = mysqli_query($link, "INSERT INTO ...

    and doing

    if(!$query){
   echo "Error: " . mysqli_error($link);
   }

    Also read the following on Stack in regards to API mixing:

    • Can I mix MySQL APIs in PHP?
    • You can't. mysql_ with mysqli_ or PDO etc. do NOT intermix together. You must use the same one from connecting to querying.

    Footnotes.

    Passwords

    I also noticed that you may be storing passwords in plain text. This is not recommended. If you intend on going LIVE with this at some point, do NOT store passwords as plain text in your database.

    Consult the following.

    Other links:

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(3条)

报告相同问题?

悬赏问题

  • ¥15 metadata提取的PDF元数据,如何转换为一个Excel
  • ¥15 关于arduino编程toCharArray()函数的使用
  • ¥100 vc++混合CEF采用CLR方式编译报错
  • ¥15 coze 的插件输入飞书多维表格 app_token 后一直显示错误,如何解决?
  • ¥15 vite+vue3+plyr播放本地public文件夹下视频无法加载
  • ¥15 c#逐行读取txt文本,但是每一行里面数据之间空格数量不同
  • ¥50 如何openEuler 22.03上安装配置drbd
  • ¥20 ING91680C BLE5.3 芯片怎么实现串口收发数据
  • ¥15 无线连接树莓派,无法执行update,如何解决?(相关搜索:软件下载)
  • ¥15 Windows11, backspace, enter, space键失灵