MyBB Community Forums

MyBB Community Forums > Extensions > Plugins > Plugin Development > mysqli_real_escape_string
Full Version: mysqli_real_escape_string
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Achilles

2015-02-03, 07:18 AM
Quick question, I was wondering what were the 2 parameters in mysqli_real_escape_string.
For example, here is my code:

$report = mysql_real_escape_string($_POST['winner']); // Escapes special characters

However, I need to have 2 parameters, meaning it should be something like

$report = mysql_real_escape_string($mysqli, $_POST['winner']); // Escapes special characters

However, $mysqli doesn't seem to be the variable I'm looking for with MyBB.
What is a variable I can use that will represent a connection with MyBB?

Euan T

2015-02-03, 09:09 AM
Just use this:

global $mybb, $db;

$report = $db->escape_string($mybb->get_input('winner'));

String escaping is built in to the database class and uses mysql_real_escape_string() under the hood.
MyBB Community Forums > Extensions > Plugins > Plugin Development > mysqli_real_escape_string