Mysqli_real_escape_string () returns an empty string

Question

Mysqli_real_escape_string () returns an empty string

I use mysqli_real_escape_string () to an email address and returns an empty string. He does this with any email address.

<?php //from previous page - submitted by user. $_POST['email']=" aehmlo@aehmlo.com "; $_POST['password']='mypass1234'; //Link, I can verify it works. $mysql_info=array( "url"=>"url", "username"=>"username", "password"=>"password", "database"=>"database" ); $link=mysqli_connect($mysql_info['url'],$mysql_info['username'],$mysql_info['password'],$mysql_info['database']); //Now I attempt to sanitize the user input. $email=mysqli_real_escape_string($link,$_POST['email']); $password=sha1(mysqli_real_escape_string($link,$_POST['password'])); var_dump($email); var_dump($password);?>

My collation table is "latin1_swedish_ci".

+4

php mysql

Aehmlo Mar 04 '13 at 3:20

source share

2 answers

I had this problem and I found that my character set is set to Latin. Solved by posting

 $con->set_charset("utf8");

before real_escape_string. There will be mysqli_set_charset in procedural style.

-1

Frank ahearn Jul 25 '17 at 20:30

source share

Kermit · Accepted Answer · 2013-03-04T03:24:49+0000

If your connection is empty ( $link ), it will return an empty string. I tested this and it worked fine. I would recommend that you add error handling to your connection and enable error reporting.

 <?php $link = mysqli_connect("localhost", "root", "root", "test"); /* check connection */ if (mysqli_connect_errno()) { printf("Connect failed: %s\n", mysqli_connect_error()); exit(); } $_POST['email'] = " aehmlo@aehmlo.com "; $email = mysqli_real_escape_string($link, $_POST['email']); var_dump($email); mysqli_close($link); ?>

Result

  string (17) " aehmlo@aehmlo.com "

Mysqli_real_escape_string () returns an empty string

More articles: