What is the function of mysql_real_escape_string() in php?

Question

I have an error like this in my code

Fatal error: Uncaught Error: Call to undefined function mysql_real_escape_string() in C:\xampp\htdocs\wp\server.php:12 Stack trace: #0 C:\xampp\htdocs\wp\register.php(1): include() #1 {main} thrown in C:\xampp\htdocs\wp\server.php on line 12

My code is

$username="";
$email="";
$errors=array();

//conct to sever
$db = mysqli_connect('localhost','registration');

//register button click
if (isset($_POST['register'])){
    $username=mysql_real_escape_string($conn,$_POST['username']);
    $email=mysql_real_escape_string($conn,$_POST['email']);
    $password_1=mysql_real_escape_string($_POST['password_1']);
    $password_2=mysql_real_escape_string($_POST['password_2']);

Can someone explain What is the function of mysql_real_escape_string() in php?

it's deprecated function. so see here [link](http://php.net/manual/en/function.mysql-real-escape-string.php) — gaurav, Jun 03 '18 at 06:52
Possible duplicate of [what does mysql\_real\_escape\_string() really do?](https://stackoverflow.com/questions/6327679/what-does-mysql-real-escape-string-really-do) — gaurav, Jun 03 '18 at 06:54
Are you using PHP 7? Then see https://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php — Nico Haase, Jun 03 '18 at 08:01

score 0 · Answer 1 · answered Jun 03 '18 at 06:27

0

Since you're using msqli, you should use the mysqli function:

$username = mysqli_real_escape_string($conn,$_POST['username']);

answered Jun 03 '18 at 06:27

Mureinik

297,002
52
306
350

really you shouldn't any more there's no reason not to use prepared statatemets and bound parameters – Jun 03 '18 at 06:29

What is the function of mysql_real_escape_string() in php?

1 Answers1