I understand I need to connect to the db in order for mysql_real_escape_string to work, but not quite sure how.
I use this function to insert rows in tables.
function insert_db($conn, $table_name, $array){
//$array = array_map( 'mysql_real_escape_string' , $db ); //ERROR!
# Create the SQL Query
$query = 'INSERT INTO `'.$table_name.'` '.
'( `'.implode( '` , `' , array_keys( $array ) ).'` ) '.
'VALUES '.
'( "'.implode( '" , "' , $array ).'" )';
$result = $conn->query($query);
if (!$result){ trigger_error("mysql error: ".mysql_errno($result) . ": " . mysql_error($result)); }
}
It takes an array like this for example:
$db["to"] = $to;
$db["from"] = $username;
$db["message"] = $message;
$db["time"] = date("Y-m-d H:i:s", strtotime("+0 minutes"));
insert_db($conn, "inbox", $db)
where the array keys represent columns in a table.
But I get this error:
2011-02-01 22:21:29 : mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'ODBC'@'localhost' (using password: NO)
Somebody asked where $conn came from:
$conn = db_connect();
if( ! function_exists('db_connect')){
function db_connect() {
$result = new mysqli('localhost', 'xxx', 'xxx', 'xxx');
if (!$result) {
die(msg(0,"Could not connect to database server"));
} else {
return $result;
}
}
}
your connection is using mysqli (i) so you cant use a mysql* function, you want mysqli_real_escape_string