0

I userd mysql_real_escape_string(), that was ok on my localhost (on my computer run by xampp) but when I upload it to Linux server function (mysql_real_escape_string()) say Access denied for user 'drrifae'@'localhost'

This is my code:

  if($_POST['message']!=""){
        $email=$_POST['email'];
        $name=$_POST['name'];
        $message=mysql_real_escape_string($_POST['message']);
       $ip=$ip = getenv('HTTP_CLIENT_IP')?:
getenv('HTTP_X_FORWARDED_FOR')?:
getenv('HTTP_X_FORWARDED')?:
getenv('HTTP_FORWARDED_FOR')?:
getenv('HTTP_FORWARDED')?:
getenv('REMOTE_ADDR');

include('../include/connection.php');
$sql="INSERT INTO `contact_feedback` (`type`, `ip`, `message`, `name`, `email`) VALUES ('$type', '$ip', '$message', '$name', '$email'); ";
        $result=mysql_query($sql,$con) or die(mysql_query());
        if($result){
            echo $_SESSION['message']='true';
                $mailMessage=wordwrap($message,70);
                $mailMessage.='\n \n'.$email.'\n'.$name.'\n \n'.$ip;
            if($type=='1'){
                $subject="contact";
            }else if($type=='0'){
                $subject="feedback";
             }
            mail('info@rifae.com',$subject,$mailMessage,$email);
        }else{
            $_SESSION['message']='false';
        }
    }

BUT I CAN't USE mysql_real_escape_string()

miosian
  • 27
  • 5

1 Answers1

0
$message=mysql_real_escape_string($_POST['message']);
//...
include('../include/connection.php');

You currently use mysql_real_escape_string() before you include the connection - this is why you have no access.

Also keep in mind that mysql_* functions are officially deprecated and hence should not be used in new code. You can use PDO or MySQLi instead. See this answer on SO for more information. (If you follow the links in the post, you'll also find tutorials on how to use either).

mysql_ is neither MySQLi nor PDO, you should be able to see which is available via phpinfo().

Community
  • 1
  • 1
kero
  • 10,647
  • 5
  • 41
  • 51