Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Access denied error when using mysql_real_escape_string()

Tags:

php

mysql

mysql-real-escape-string

i am trying escape some data before it goes into my database, but i keep getting this error:

Warning: mysql_real_escape_string(): Access denied for user

Now this would usually suggest that i have not connected to the database (it also states (using password: NO)).

I was a little confused by this because when connecting to a database i have a 'die' clause so if it fails to connect i get told about it. So i tested this theory by running a simple query in the same function that im trying to escape the data and it works just fine.

So why on earth won't the escape method work or get a connection to the database. I did notice that the user the error states is not the user i use to access the database its something like 'www-data@localhost'. Could it be trying to log in with a different user, if so why and how? Because i another area of my website the escape function works just fine and i didn't do anything special to make it work, just added the code into my web page.

thanks for the help.

Are there any other ways of sanitizing my code?

Okay, so here we go, when the user submits the form, i use AJAX to collect the data and put it into an obj to post(JSON encoding) it to the first PHP script which is here:

http://codepad.org/kGPljN4I

This script checks all the data is there and then calls a function to add it to the database

this Mysql class is called to escape the data and then add a new record to the database, when and instance of the class is made it makes a connection to the database:

http://codepad.org/wwGNrTJm

The third file is for constants, it holds the information for the database like pass, user and so on:

http://codepad.org/dl0QQbi9

any better?

thanks again for the help.

like image 903
ragebunny Avatar asked Dec 16 '22 03:12

ragebunny

1 Answers

The problem is that you have established your connection using MySQLi, but are then calling mysql_real_escape_string(). You intend to be calling mysqli_real_escape_string() either in procedural context, or object oriented contex.

class Mysql 
{
    private $conn;

    function __construct() 
    {

        $this->conn = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME) or 
                      die('No Connection to database!');
    }

    function add_non_member($data) 
    {
        $email = $data->email;

            // Procedural call
            $san_email = mysqli_real_escape_string($this->conn, $email);

            // Or OO call (recommended)
            $san_email = $this->conn->real_escape_string($email);

                // etc...
        }

  // etc...;
}
like image 133
Michael Berkowski Avatar answered Jan 15 '23 23:01

Michael Berkowski
Sign in to Comment

Related questions

heroku set document_root
PECL and PHP Build Directory
Write a faster combinatorics algorithm
How to create an Image in rails ? ( from as imagecreate () in php)
how to find a array of occurence of a character in a string
How to list 4 random products from a categoy in Magento
How to get a percentage of an array?
Implementing User Authorization in PHP and Javascript
What is best solution to get next and previous month from given date php
How to delete element and also shift the $key in array
How to use strings with variables in codeigniter's language files?
Does PHP script need to wait for MySql trigger to complete?
How can I build a nested HTML list with an infinite depth from a flat array?
Where to put $wpdb with OOP plugin / widget using and WP_widget extension
creating a master template in CodeIgniter
Are nested PHP includes CPU/memory intensive?
Order of Operations for echo statements
why is my MySQL query failing
Modify string, PHP
Determine if a email was sent successfully

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!