asked on

PHP: mysql_real_escape_string is not working in version 7.2

Dear Experts,

I have the following codes used to work in PHP 5.0 and suddenly it stop working after I upgraded to PHP 7.2

$query_sql = "SELECT * FROM wp_posts WHERE post_title = %s ORDER BY post_title;";
$query = sprintf($query_sql, mysql_real_escape_string($name));
$postquery = $wpdb->get_results("{$wpdb->prepare($query)}");

echo 'Rows: ' . count($postquery);

The row count return 0.

Please help. Thank you in advance.

lenamtl

Hi,

That was removed from v7
http://php.net/manual/en/function.mysql-real-escape-string.php

You should use PDO_MySQL or MySQLi instead

http://php.net/manual/en/migration70.php

Van N

ASKER

Hi lenamtl,

Would you show me some sample codes?

Thanks

lenamtl

Hi, I'm using PDO.

You will need to adapt all the MySQL request, PHP code and DB connection.
If you are using PHP Storm there is a way to find the code which is not compatible with v7.

You can check a good tutorial here about PDO
https://phpdelusions.net/pdo

You will learn how it work with the prepared statement https://phpdelusions.net/pdo#prepared
DB connection and everything you will need to know, there is some learning curve

There are some great tutorial on Udemy
https://www.udemy.com/courses/search/?q=php7&src=sac&kw=php7

Note:
I just realized that you are using WP, so you will need to update Wordpress to the latest version and adapt all your custom code.
https://themeisle.com/blog/upgrade-wordpress-to-php-7/

Van N

ASKER

Hi,

I already upgraded the WordPress to the current version 5.0.3.

Thanks.

lenamtl

Where this MySQL request come from?

Van N

ASKER

WordPress custom template.

ASKER CERTIFIED SOLUTION

lenamtl

membership

This solution is only available to members.