Damagedcity.com Posted June 12, 2011 Posted June 12, 2011 After my host updated its php i have had lots of errors on my game. I have changed most of it to get rid of most the errors but i got this one im not sure how to change. $_POST['name'] = mysql_real_escape_string($_POST['name']); $_POST['class'] = abs(@intval($_POST['class'])); Here is the error displayed: Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'damagedc'@'localhost' (using password: NO) in /home/damagedc/public_html/business_create.php on line 17 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/damagedc/public_html/business_create.php on line 17 Quote
Damagedcity.com Posted June 12, 2011 Author Posted June 12, 2011 i use w3theory.com its because they updated the php so its cause the errors to now pop up Quote
Danny696 Posted June 12, 2011 Posted June 12, 2011 Thats not because of a php error, its a human error. You need to add your password to the config.php file. Quote
Damagedcity.com Posted June 12, 2011 Author Posted June 12, 2011 nope everything on config is correct it is a php error its to do with the mysql_real_escape_string() on line 17 which i have shown u otherwise i wouldnt be able to logon have crons etc. Quote
Danny696 Posted June 12, 2011 Posted June 12, 2011 Oh sorry, if your soo good at PHP, surley you would have fixed it. Right? Im telling you, if your using W3theory, then you need a password, I know you havent got one. Quote
Dominion Posted June 12, 2011 Posted June 12, 2011 Check you, or an error somewhere, does not close the database connection anywhere. Quote
Damagedcity.com Posted June 12, 2011 Author Posted June 12, 2011 fixed i just done this to avoid the problem and it seems to work $_POST['name'] = ($_POST['name']); $_POST['class'] = abs(@intval($_POST['class'])); Quote
lucky3809 Posted June 12, 2011 Posted June 12, 2011 (edited) well that does not make sense to have... $_POST['name'] = ($_POST['name']); take off the () no need for them you removed the mres... I doubt it had anything to do with the new php upgrade... Edited June 12, 2011 by lucky3809 Quote
Dominion Posted June 12, 2011 Posted June 12, 2011 The line is useless with or without the () it's just like saying 1 = 1; when 1 is already 1... I would also assume Mres was there to stop sql injection? you just opened yourself up for that... Quote
lucky3809 Posted June 12, 2011 Posted June 12, 2011 haha true because your calling the same thing Quote
Danny696 Posted June 12, 2011 Posted June 12, 2011 i just done this to avoid the problem and it seems to work $_POST['name'] = ($_POST['name']); $_POST['class'] = abs(@intval($_POST['class'])); Yeh you fixed it, but now i add a nice sql injection Quote
Damagedcity.com Posted June 12, 2011 Author Posted June 12, 2011 it was for sql injection but it didnt seem to work so yeah ill just make it 1=1 Quote
Danny696 Posted June 12, 2011 Posted June 12, 2011 So you want an insecure site instead of actually fixing it? Pfft, didnt think n00bs could be that lazy Quote
Dominion Posted June 12, 2011 Posted June 12, 2011 it was for sql injection but it didnt seem to work so yeah ill just make it 1=1 what? Maybe post your file so we can help? Quote
Damagedcity.com Posted June 12, 2011 Author Posted June 12, 2011 just for now until i find how to secure that bit noob:P Quote
Damagedcity.com Posted June 12, 2011 Author Posted June 12, 2011 die ('You are part of a job/company at this time, leave to start a new one.'); } echo '<p class="heading">Create Company</p>'; $_POST['name'] = $_POST['name']; $_POST['class'] = abs(@intval($_POST['class'])); if($_POST['name'] AND $_POST['class']) Quote
rulerofzu Posted June 12, 2011 Posted June 12, 2011 Sorry but upgrading PHP is not responsible for that. Go to http://www.php.net check the changelog for the version. I know for a fact that mysql_real_escape_string works on the latest version of PHP. So does everyone else that uses php so the error lies elsewhere. Quote
a_bertrand Posted June 13, 2011 Posted June 13, 2011 You simply need to open the mysql connection BEFORE you can do mysql_real_escape_string, that's your problem. I believe you do it before any config. Quote
Dave Posted June 13, 2011 Posted June 13, 2011 Pick apart the error and it's very obvious. Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied (So you don't have access...) for user 'damagedc'@'localhost' (using password: NO(You've not set a password in config.php)) in /home/damagedc/public_html/business_create.php on line 17 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established(No connection) in /home/damagedc/public_html/business_create.php on line 17 Which clearly shows your information to connect to the MySQL server is incorrect. You'll need to find the correct information (as others have said) and input it into your config.php file, considering you need to be connected to the MySQL server before mysql_real_escape_string will work. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.