how to solve error in mysql_real_escape_string() function?

Question

Fatal error: Uncaught Error: Call to undefined function mysql_real_escape_string() in C:\xampp\htdocs\MyFirstWebsite\register.php:19 Stack trace: #0 {main} thrown in C:\xampp\htdocs\MyFirstWebsite\register.php on line 19

   <?php
if($_SERVER["REQUEST_METHOD"] == "POST"){
    $username = mysql_real_escape_string($_POST['username']);
    $password = mysql_real_escape_string($_POST['password']);
    echo "Username entered is : ". $username . "<br/>";
    echo "Password entered is : ". $password;
}
?>

Here in line 19 the following code lies:

$username = mysql_real_escape_string($_POST['username']);

---

Then I tried using mysqli().so i changed my php code like this:

<?php
if($_SERVER["REQUEST_METHOD"] == "POST"){
    $username = mysqli_real_escape_string($_POST['username']);
    $password = mysqli_real_escape_string($_POST['password']);
    echo "Username entered is : ". $username . "<br/>";
    echo "Password entered is : ". $password;
}
?>

Then it shows this output:

Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in C:\xampp\htdocs\MyFirstWebsite\register.php on line 19

Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in C:\xampp\htdocs\MyFirstWebsite\register.php on line 20

Here, on line 19 and line 20 .The following code lies:

$username = mysqli_real_escape_string($_POST['username']);
        $password = mysqli_real_escape_string($_POST['password']);

Can anyone help me and tell me what should be in that code?

Answer 1

You have to pass connection variable as first argument like below:

$username = mysqli_real_escape_string($conn,$_POST['username']);

Here $conn is

$conn = mysqli_connect('hostname','username','password','dbname');