+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: mysql_real_escape_string() expects parameter 1 to be string, array given (/showthread.php?tid=65049)
mysql_real_escape_string() expects parameter 1 to be string, array given - cupboy - 04-22-2016
Code:
foreach($q->result_array() as $row) {
$descs[] = mysql_real_escape_string($row); // Message: mysql_real_escape_string() expects parameter 1 to be string, array givenIf I attempt to fix the problem with the quotes inside the view instead I get this error:
Message: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user....
RE: mysql_real_escape_string() expects parameter 1 to be string, array given - Wouter60 - 04-23-2016
Keep in mind the every element of the result_array() is an array itself. Usually it contains the fields you requested from your database.
I guess that one of your fields is named 'description'.
If that is the case, modify the foreach loop like this:
PHP Code:
foreach($q->result_array() as $row) {
$descs[] = mysql_real_escape_string($row['description']);
}
RE: mysql_real_escape_string() expects parameter 1 to be string, array given - Happy Camper - 04-23-2016
(04-23-2016, 12:56 AM)Wouter60 Wrote: Keep in mind the every element of the result_array() is an array itself. Usually it contains the fields you requested from your database.
I guess that one of your fields is named 'description'.
If that is the case, modify the foreach loop like this:
I question if you really need the mysql_real_escape_string with CodeIgniter. I never use it, and I never encountered problems with strings that have quotes or special characters.PHP Code:foreach($q->result_array() as $row) {
$descs[] = mysql_real_escape_string($row['description']);
}
That's correct but it seems OP is looping through a query result. The mysql_real_escape_string() function is only for data being inserted into the database, so is not needed here.
At least that's how I do it - otherwise I've been doing it wrong all this time!
RE: mysql_real_escape_string() expects parameter 1 to be string, array given - InsiteFX - 04-23-2016
mysql_real_escape_string — Escapes special characters in a string for use in an SQL statement.
If your using CI it escapes the query for you.
RE: mysql_real_escape_string() expects parameter 1 to be string, array given - cupboy - 04-23-2016
I ended up using a str_replace to get those quotes escaped before making a javascript array out of the data. Wasn't really using it to insert data going into a table... that's where the data is coming from.
RE: mysql_real_escape_string() expects parameter 1 to be string, array given - ivantcholakov - 04-24-2016
@cupboy
1. You are trying to apply a function to a column in the returned array. What this function is going to do, what the goal is?
2. mysql_real_escape_string() is a function for escaping value when you prepare a SQL statement. You apply it on the returned result. Why?
3. mysql_real_escape_string() belongs to a certain SQL driver that is deprecated and as far as I know removed in PHP7.
4. mysql_real_escape_string() probably does not match to the current database driver that CodeIgniter uses. If you need such an escaping, see in documentation what routines the Database class provides.
Remove this code, explain exactly what you intend to do.
RE: mysql_real_escape_string() expects parameter 1 to be string, array given - cupboy - 04-24-2016
1. The goal is to put the results into a javascript array that requires the same type of escaping as an SQL statement
3. Fixed that to be mysqli instead.
I've fixed all this and the code is fine now.
RE: mysql_real_escape_string() expects parameter 1 to be string, array given - ivantcholakov - 04-24-2016
No, you haven't.