Fatal error: uncaught error: call to undefined function mysql_real_escape_string()

Question

1.00/5 (1 vote)

See more:

we are getting this error during register.php
Fatal error: Uncaught Error: Call to undefined function mysql_real_escape_string()

What I have tried:

on registration php i m getting this error

Posted 31-Mar-17 7:41am

Member 13097810

Updated 23-Jun-22 20:20pm

Add a Solution

Comments

Richard Deeming 31-Mar-17 14:51pm

That means there's an error somewhere in your secret code.

But since you've declined to share any of the relevant code with us, we can't tell you where, or how to fix it.

All we can tell you is that you're trying to call a function called mysql_real_escape_string, and that function is not defined.

Bryian Tan 31-Mar-17 16:57pm

Maybe that function is obsolete depending on the PHP version that the application is using. My gut feeling is, the application should use mysqli_real_escape_string(). We don't know until the day you decide to share your secret code ...

PHP: mysql_real_escape_string - Manual[^]

3 solutions

Solution 3

<?php
	$username = "";
	$email = "";
	$errors = array();
		// connect to the database
	$db = mysqli_connect('localhost', 'root', '', 'registration');

	// if register button is clicked

	if(isset($_POST['register'])){
		$username = mysql_real_escape_string($_POST['username']);
		$email = mysql_real_escape_string($_POST['email']);
		$password_1 = mysql_real_escape_string($_POST['password_1']);
		$password_2 = mysql_real_escape_string($_POST['password_2']);

		//ensure that the form field are filled properly

		if (empty($username)) {
			array_push($errors, "Username is required"); 
		}
		if (empty($email)) {
			array_push($errors, "Email is required"); 
		}
		if (empty($password_1)) {
			array_push($errors, "Password is required"); 
		}
		if (empty($password_1 != $password_2)) {
			array_push($errors, "Two password do not match"); 
		}

		// if there are no errors, save user to the database
		if (count($errors) == 0) {
			$password = md5($password_1); //encrypt password before storing in database (security)
			$sql = "INSERT INTO users (username, email, password) 
						VALUES ('$username','$email', '$password')";
			mysqli_query($db,$sql);
		}

	}
?>

Posted 10-Sep-18 19:33pm

Member 13029774

Comments

Richard Deeming 11-Sep-18 12:15pm

The question has already been solved.

And the md5 function[^] specifically warns that it is not suitable for securing passwords. You should be using password_hash[^] and password_verify[^] instead.

PHP: Password hashing FAQ[^]

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Jochen Arndt · Accepted Answer · 2017-04-03T00:30:00

Read the mysql_real_escape_string()[^] documentation:

Quote:
Warning This extension was deprecated in PHP 5.5.0, and it was removed in PHP 7.0.0. Instead, the MySQLi or PDO_MySQL extension should be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include:

mysqli_real_escape_string()[^]

PDO::quote()[^]

Member 13097810 · Accepted Answer · 2017-04-01T02:59:00

pls find my code

<html>
	<head>
		<title>BHARAT HILLS</title>
	</head>
	<body>
		<h2>Registration Page</h2>
		<a href="index.php">Click here to go back</a><br/><br/>
		<form action="register.php" method="POST">
		Enter Username:  <input type="text" Name ="username" required ="required"/><br/><br/>
		Enter password:  <input type="password" name="password" required="required"/><br/>
		<input type="submit" value="register"/>
		</form>
	</body>
</html>

<?php
if($_SERVER["REQUEST_METHOD"] == "POST"){
		$username=mysql_real_escape_string($_POST['username']);
		$password=mysql_real_escape_string($_POST['password']);
	$bool=true;
	
		mysql_connect("localhost", "root","") or die(mysql_error());//connect to server
		mysql_select_db("first_db") or die("cannot connect to database");//connect to database
		$query=mysql_query("select * from Users"); //query the user table
		while($row=mysql_fetch_array($query)) //display all rows from query
		{
				$table_users=$row['username']; //the first username row is passed on to $table_users,and so on untill the query is finish
				if($username==$table_user)// checks if there are any matching fields
				{
						$bool=false;//sets bool to false
						print'<script>alert("username has been taken!"):</script>';//redirects to register.php
						
				}
		}
		
		if($bool) //checks if bool is true
		{
				mysql_query("insert into user (username,password) values ('$username','$passwors')");//inset the vallue to table users
				print '<script>alert("Successfully Registered!");</script>';//prompts the user
				print '<script>window.location.assign("register.php");</script>';//redirect to register.php
				}
				
				}
?>

Fatal error: uncaught error: call to undefined function mysql_real_escape_string()

3 solutions

Solution 2

Solution 1

Solution 3

Add your solution here

Preview 0