1

Ok. I have this little bit of code that is supposed to use text and boolean fields in an html form to search a mysql database. This is a learning project so no rush.

The idea is it is supposed to check the text fields for input and look and see if the checkboxes have anything in them. The checkboxes work fine but when I add the code for the textbox postcode I get the dreaded.

"Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'ODBC'@'localhost' (using password: NO) in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\criteriasearch.php on line 36"

I cannot quite figure this out. Here is the code for the checkboxes. This works fine on it's own.

if(isset($_POST['search']) && !empty($_POST['search'])){
foreach($_POST['search'] as $key=>$value){
    if($value==1) $search[] = "$key";
 $searchstring = implode(' AND ', $search);

}

When I add the following code:

    $post_map = array(
 'postcode'=>'candidate_contact_details.postcode'
     );

 if(isset($_POST['postcode']) && !empty($_POST['postcode'])) {

 foreach ($_POST['postcode'] as $key) {
 if (array_key_exists($key, $post_map));

    $search[] = $post_map[$key] . '=' . mysql_real_escape_string($value);

 }

It just gives me access is denied on that section but the first section works. I am pretty sure I have something wrong with brackets or such but cannot for the life of me work it out and any assistance would be appreciated.

Thanks In Advance

Improve this question
2
  • I'm guessing there shouldn't be a ; on this line right? "if (array_key_exists($key, $post_map));" Commented Aug 2, 2011 at 16:29
  • Thanks. the semicolon was stopping it. I just need to figure out how to get it to search now. The checkbox section works fine but the text box called postcode is not. Am going to check some things. Commented Aug 2, 2011 at 16:37

1 Answer 1

Reset to default
1

Try passing the link identifier from your mysql_connect call as the second parameter to mysql_real_escape_string. In order to function it requires an already established MySQL connection.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Could you by any chance give me a brief sample. I am still new to this and am working my way around things. I assume you are refering to the line $search[] = $post_map[$key] . '=' . mysql_real_escape_string($value);
No problem. You have to call mysql_connect before you are able to use mysql_real_escape_string and on a successful connect mysql_connect returns a link identifier. So sample code would look like $link = mysql_connect($host, $user, $password); then you could simply rewrite your line to this: $search[] = $post_map[$key].'='.mysql_real_escape_string($value, $link)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.