mysqli_escape_string() expects Exactly 2 Parameters, 1 Given

Asked

Viewed 3,563 times

5

I am facing an error in my code, when I run the server behavior of DW C6, when the step of mysql_ for mysqli_, then I get an error in the function executed on line 10.

The mistake is:

Warning: mysqli_escape_string() expects Exactly 2 Parameters, 1 Given in C: wamp www Lojavirtualdin footer.php on line 10

This is the code line:

$theValue = function_exists("mysqli_real_escape_string") ? mysqli_real_escape_string($theValue) : mysqli_escape_string($theValue);

Esse é o código:

<?php require_once('Connections/config.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysqli_real_escape_string") ? mysqli_real_escape_string($theValue) : mysqli_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['login'])) {
  $loginUsername=$_POST['login'];
  $password=$_POST['senha'];
  $MM_fldUserAuthorization = "nivel";
  $MM_redirectLoginSuccess = "admin/painel.php";
  $MM_redirectLoginFailed = "admin/index.php";
  $MM_redirecttoReferrer = false;
  mysqli_select_db($config,$database_config);

  $LoginRS__query = sprintf("SELECT usuario, senha, nivel FROM lp_users WHERE usuario=%s AND senha=%s",
  GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 

  $LoginRS = mysqli_query($config, $LoginRS__query) or die(mysqli_error());
  $loginFoundUser = mysqli_num_rows($LoginRS);
  if ($loginFoundUser) {

    $loginStrGroup  = mysql_result($LoginRS,0,'nivel');

    if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;       

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];  
    } 
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>

Could someone help me understand this mistake?

php mysqli

  • Do not use this code o.o. when the mysqli functions are used the first argument is always the connection, this is what says the error.

  • I changed my answer see if it is correct, if there is an error leave it in the comment. Put the link to where you found this code

  • Mark an answer as accepted, see more details on: How and why to accept an answer?

3 answers

4

When the mysqli functions are used the first argument is always the connection, this is what the error says. A documentationshow how the call should be:

string mysqli_real_escape_string ( mysqli $link , string $escapestr )

Change the occurrences of:

 $theValue = function_exists("mysqli_real_escape_string") ? 
  mysqli_real_escape_string($theValue) : mysqli_escape_string($theValue);

For:

 $theValue = function_exists("mysqli_real_escape_string") ? 
  mysqli_real_escape_string($config, $theValue) : mysqli_escape_string($config, $theValue);

Prefer to use prepares statements when using this Generic code, remember to change mysql_result() in your code.

  • Yes I’ve already made that change, but the mistake persists,.

  • @Aulo, you changed twice?

  • yes I changed, what happens, when I make the so-called variable it is not recognized inside the parenthesis where the variable $config goes

  • This is because you only require the setting after using the connection link. You have to do require first.

  • 1

    Yes, dear, I thank you very much for your affection, but I am a beginner I am all confused, and I recognize that I do not know how to proceed, but thank you very much for your help. Thank you.

  • Resolvido.Fiz a chamada do 'include' abaixo da linha:function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") &#xA;{, na lnha do erro: mysqli_real_escape_string($config, $theValue), fiz a chamada do $link. It all worked out. Thank you so much for your help.Ok!

  • 1

    Cool @Aulo :D, has some materials on php wiki if you want to see, have some useful tips.

  • How nice that Christ Jesus blesses you.

Show 3 more comments

3

2

The error happens because the function mysqli_real_escape_string expects to receive 2 parameters in procedural mode.

string mysqli_real_escape_string ( mysqli $link , string $escapestr )

And only 1 parameter in guided mode.

string mysqli::real_escape_string ( string $escapestr )

Documentation for php

Browser other questions tagged php mysqli

You are not signed in. Login or sign up in order to post.