Error connecting my php code to my database

Question

Am getting the following error message: Fatal error: Uncaught Error: Call to undefined function mysql_real_escape_string() in C:\xampp\htdocs\mine\server.php:12 Stack trace: #0 C:\xampp\htdocs\mine\register.php(1): include() #1 {main} thrown in C:\xampp\htdocs\mine\server.php on line 12

Here's my code:

<?php
     $username = "";
     $email = "";
     $errors = array();

    //connect to the database
    $db = mysqli_connect('localhost', 'root', '', 'registration');

    //if the register button is clicked
    if (isset($_POST['register'])) {

        $username = mysql_real_escape_string($_POST['username']);
        $email = mysql_real_escape_string($_POST['email']);
        $password_1 = mysql_real_escape_string($_POST['password_1']);
        $password_2 = mysql_real_escape_string($_POST['password_2']);

        //to ensure that the form fields are filled properly
        if (empty($username)) {
            array_push($errors, "Username is required");
          }

          if (empty($email)) {
            array_push($errors, "Email is required");
          }

          if (empty($password_1)) {
            array_push($errors, "Password is required");
          }

          if($password_1 != $password_2){
            array_push($errors, "The two passwords do not match");
          }

          //if there's no errors, save the user to database
          if(count($errors)==0) {
            $password = md5($password_1); //encrypt password before storing to database (security)
            $sql = "INSERT INTO users (username, email, password)
                         VALUES ('$username', '$email', 'password')";
             mysqli_query($db,$sql);
          }

    }


  ?>

**WARNING**: If you're just learning PHP, please, do not learn the obsolete [`mysql_query`](http://php.net/manual/en/function.mysql-query.php) interface. It's awful and has been removed in PHP 7. A replacement like [PDO is not hard to learn](http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps-pdo-for-database-access/) and a guide like [PHP The Right Way](http://www.phptherightway.com/) helps explain best practices. Make **sure** your user parameters are [properly escaped](http://bobby-tables.com/php) or you will end up with severe [SQL injection bugs](http://bobby-tables.com/). — tadman, Jan 24 '18 at 19:05
**WARNING**: Writing your own access control layer is not easy and there are many opportunities to get it severely wrong. Please, do not write your own authentication system when any modern [development framework](http://codegeekz.com/best-php-frameworks-for-developers/) like [Laravel](http://laravel.com/) comes with a robust [authentication system](https://laravel.com/docs/master/authentication) built-in. At the absolute least follow [recommended security best practices](http://www.phptherightway.com/#security) and **never store passwords with a weak, high-speed hash like SHA1 or MD5**. — tadman, Jan 24 '18 at 19:05

Error connecting my php code to my database

0 Answers0