Error with mysqli_real_escape_string

system · December 5, 2010, 1:52pm

Hi,

I am running a php script in XAMPP (see below) and I am constantly getting this error:

Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, resource given in C:\xampp\htdocs\funstuff\signin.php on line 7

<?php session_start();
include(‘include/db.php’);
//check for session

	if(isset($_POST['submit'])){
	$dbc=mysql_connect(DB_HOST,DB_USER,DB_PW,DB_NAME);
	$username =mysqli_real_escape_string($dbc,trim($_POST['username']));
	$password=mysqli_real_escape_string($dbc,trim($_POST['password']));
	//check to see if user is signed in
	$query="SELECT user_id,user_name FROM users WHERE user_name='$username' AND user_password=SHA('$password')";
	$data=mysqli_query($dbc,$query);
		if(mysqli_num_rows($data)==1){
		$data2=mysql_fetch_array($data);
		$_SESSION['user_id']=$data2['user_id'];
		$_SESSION['username']=$data2['user_name'];
		
		echo('success');
		}
		else{echo'no match';}
	
	}

?>

DarthGuido · December 5, 2010, 2:09pm

How about using mysqli_connect?

Raju_Gautam · December 5, 2010, 4:01pm

You have mixed up two libraries together related to mysql mysql and mysqli. So either you connect with mysqli_connect and use all the functions as you have used or connect to mysql server with mysql_connect and use all the functions of mysql_*.

system · December 5, 2010, 10:01pm

as guido2004 said, you need to use msqli_connect() if you are going to use the functions in PHP’s mysqli extension to “talk” to your database.

Immerse · December 5, 2010, 11:16pm

Yeah, you need to be using mysqli_connect instead of mysql_connect!