0

I have a php program that uses cookies to store data across pages and redirects. I want to use mysql_real_escape_string() before sending them to my server, so far my code looks like this

$master_string = $_COOKIE["master_string"];
$order_name = mysqli_real_escape_string($_COOKIE["name"]);
$order_mail = $_COOKIE["mail"];

echo $order_name;

I have already checked that my sqli connection has been made, the resulting data inserted to my table is blank and so is the echo.

Improve this question

2 Answers 2

Reset to default
1

You have missed the connection parameter in mysqli_real_escape_string($_COOKIE["name"]);

Correct syntax: mysqli_real_escape_string($connection, $_COOKIE["name"]);

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

I've tried that, yet it is only returning a string without escaping any slashes or \n from it
Please, store this returned data to database table and you will see the changes. mysqli_real_escape_string does not remove the special characters instead converts to htmlentities. When you echo htmlentities, it will display the character.
I did use the correct syntax and inserted the variable into my database and was still coming up with //'s
$master_string = mysqli_real_escape_string($conn,$_COOKIE["master_string"]); I feel as though it may be the fact that I am using cookies
0

First Check cookies working or not than

You need enable Mysqli_connect

$connection = mysqli_connect;
$order_name  = mysqli_real_escape_string($connection , trim($_COOKIE['name']));
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.