Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Ok, I’m trying to clean my code from injections, etc,etc. and I’m getting this fatal error:
Fatal error: Can’t use function return value in write context in….
Here’s the line where it throws the error:
$val=mysql_real_escape_string($val)=$_SESSION['val']=strip_tags($_POST['val']);
Why is it throwing this error?
UPDATE: ok, thanks for the answers, I moved mysql_real_escape_string($val) to another part in the code, this fixed the error.
You’re assigning a value (return of
strip_tagsthat is stored in$_SESSION['val']) to a function !I guess you want this:
and about using
strip_tagson a http parameter look at this:http://www.php.net/manual/en/info.configuration.php#ini.magic-quotes-gpc
Another thing to note:
Please stop writing new code with the ancient mysql_* functions. They are no longer maintained and community has begun the deprecation process. Instead you should learn about prepared statements and use either PDO or MySQLi. If you cannot decide, this article will help to choose. If you care to learn, here is a quite good PDO-related tutorial.