spetsacdc
05-18-2008, 05:08 PM
Hi, I have a webpage that uses jquery to send an input box data to a php file. The php file then inserts this data into the database and returns xml to the webpage which displays it.
<?php
require("requires/database.php");
foreach($_POST as $key => $value) $_POST[$key] = urldecode(trim($value)); //this was from a script I am modding so I am using it
$name = mysql_real_escape_string("$_POST[$name]"); //to make sure it is ok before putting it in the database.
header("Content-type: text/xml");
echo "<?xml version='1.0' encoding='ISO-8859-1'?>";
echo "<note>";
echo '<message>'.$name.'</message>';
echo "</note>";
?>
I get this error: Error: uncaught exception: [object Object] when I use
mysql_real_escape_string. If I use mysql_escape_string it works, but I read that this function shouldn't be used anymore.
Any ideas?
Thanks
<?php
require("requires/database.php");
foreach($_POST as $key => $value) $_POST[$key] = urldecode(trim($value)); //this was from a script I am modding so I am using it
$name = mysql_real_escape_string("$_POST[$name]"); //to make sure it is ok before putting it in the database.
header("Content-type: text/xml");
echo "<?xml version='1.0' encoding='ISO-8859-1'?>";
echo "<note>";
echo '<message>'.$name.'</message>';
echo "</note>";
?>
I get this error: Error: uncaught exception: [object Object] when I use
mysql_real_escape_string. If I use mysql_escape_string it works, but I read that this function shouldn't be used anymore.
Any ideas?
Thanks