Why Does `mysqli_real_escape_string()` Throw a 'expects exactly 2 parameters, 1 given' Error?

Handling "mysqli_real_escape_string() expects exactly 2 parameters, 1 given" Error

In PHP, the mysqli_real_escape_string() function is essential for preventing SQL injection vulnerabilities. However, developers often encounter the error "mysqli_real_escape_string() expects exactly 2 parameters, 1 given."

To understand this error, let's examine the function's declaration:

string mysqli_real_escape_string(mysqli $link, string $escapestr)

It requires two parameters:

1. $link: A link to a MySQLi connection
2. $escapestr: The string to be escaped

In the code snippet you provided, you are missing the $link parameter:

if (phpversion() >= '4.3.0') {
    $string = mysqli_real_escape_string($string);
} else {
    $string = mysqli_escape_string($string);
}

To resolve the error, you need to provide the correct number of parameters. For example:

if (phpversion() >= '4.3.0') {
    $string = mysqli_real_escape_string($mysqli, $string);
} else {
    $string = mysqli_escape_string($mysqli, $string);
}

Here, $mysqli represents a valid MySQLi connection link.

The above is the detailed content of Why Does `mysqli_real_escape_string()` Throw a 'expects exactly 2 parameters, 1 given' Error?. For more information, please follow other related articles on the PHP Chinese website!