0

Here is simplified version of my code:

$db = new mysqli('localhost', 'user', 'pass', 'database') or die(mysqli_error());    

$gender = $db->escape_string($_GET['gender']);
$city = $db->escape_string($_GET['city']);

Here is the error I get:

Call to undefined method DB::escape_string() in /blablabla/bla/file.php on line 2

Why am I getting an error?

Improve this question
3
  • If you use prepared statements, theres no need for real_escape_string Commented Feb 21, 2013 at 22:03
  • Yes, I am going to learn how to do prepared statements for this. It would be nice to know what is causing that error though. Commented Feb 21, 2013 at 22:31
  • 1
    Okay, I had another variable named $db deep inside my files. I feel stupid now. Commented Feb 21, 2013 at 23:07

2 Answers 2

Reset to default
2

I think what you're looking for is mysqli::real_escape_string()

$gender = $db->real_escape_string($_GET['gender']);
$city = $db->real_escape_string($_GET['city']);
Improve this answer
Sign up to request clarification or add additional context in comments.

10 Comments

Already tried that... Call to undefined method DB::real_escape_string(). Aren't they the same thing anyways.
Nope. MySQLi doesn't have a escape_string() method. Plus, in the mysql_* functions they work very differently.
@JohnConde actually i does... php.net/manual/en/mysqli.real-escape-string.php
real_escape_string() != escape_string()
That still didn't fix the problem though. How is real_escape_string() undefined?
|
0

escape_string is an alias to real_escape_string, so they're identical.

here's a link for documentation:

http://php.net/manual/en/mysqli.real-escape-string.php

try this

 $city = $mysqli->real_escape_string($_GET['city']);
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.