Deprecated: mysql_real_escape_string(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO

Question

I'm actually looking for an alternative to mysql_real_escape_string to solve this error. in php 5.4 it worked perfectly but no longer in php 5.5

$this->mysqli = new mysqli($this->host, $this->user, $this->pass, $this->name);
// in class user
public function __set($p_sProperty, $p_vValue)
        {   
            switch($p_sProperty)
            {    
// this is marked as the error
case "Email":
             $this->Email = **mysql_real_escape_string**($p_vValue); 
                break;
}
}

You can't mis `mysql_*` functions and `mysqli_*` functions... — War10ck, Mar 03 '14 at 16:30
If you're looking for a quick answer to the OP's question, then this is a valid question: the other one (that this is marked as a duplicate of) eventually addresses the issue, but comes from a different question and is quite involved. — Tom Auger, Aug 05 '15 at 20:44
A simple alternative is the function: `addslashes` Example: `addslashes("a string with double quote ")` — anlijudavid, May 09 '18 at 21:52

score 16 · Accepted Answer · answered Mar 03 '14 at 16:30

16

You using MySQLi so use mysqli_real_escape_string():

$this->Email = $this->mysqli->real_escape_string($p_vValue);

answered Mar 03 '14 at 16:30

John Conde

217,595
99
455
496

Deprecated: mysql_real_escape_string(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO

1 Answers1