Can some one please explain why this simple form doesnt work?
The problem is that when I use mysql_real_escape_string() the result are nothing, when I remove it it works perfectly can you please see whats wrong here?
This is the full simple code,
<?php
// Loop the post fields
$postFields = array('username', 'password', 'checkSubmission');
$postArray = array();
foreach($postFields as $postVal){
$postArray[$postVal] = mysql_real_escape_string($_POST[$postVal]);
}
print_r($postArray);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Signin</title>
<head>
</head>
<body><? echo $error;?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post" id="signinForm">
Username: <input type="text" name="username" value="" />
Password: <input type="password" name="password" value="" />
<input type="hidden" name="checkSubmission" value="1" />
<input type="submit" name="Submit" value="Signin" />
</form>
</body>
</html>
EDIT:
The print_r() is empty when I use mysql_real_escape_string()
Array ( [username] => [password] => [checkSubmission] => )
And this is the print_r() without mysql_real_escape_string()
Array ( [username] => thre[password] => werr[checkSubmission] => 1)
Thank you for you help
mysql_real_escape_string()requires an active database connection.From the php manual:
http://php.net/manual/en/function.mysql-real-escape-string.php