Closed paulshannon closed 8 years ago
Ah, so you're using the mysqli driver but there's a mysql_escape_string() slipping through? I think I noticed that before (it's a backup when something else doesn't exist). I'll take a look and report back.
Hi @paulshannon,
Sorry it took me so long to circle back to this. As to the deprecation warning, CodeIgniter should only get to 'mysql_escape_string' in the event that mysqli_real_escape_string() doesn't exist (this is from system/database/drivers/mysqli/mysqli_driver.php):
if (function_exists('mysqli_real_escape_string') AND is_object($this->conn_id))
{
$str = mysqli_real_escape_string($this->conn_id, $str);
}
elseif (function_exists('mysql_escape_string'))
{
$str = mysql_escape_string($str);
}
else
{
$str = addslashes($str);
}
Odd thing is, why would your system have mysqli operating, but the function 'mysqli_real_escape_string' not exist?
Here's some simple PHP that I ran on scalar.usc.edu, it returned "1",
echo 'mysqli_real_escape_string exists? ';
echo function_exists('mysqli_real_escape_string');
Curious your thoughts?
Hey guys, just wanted to throw my two cents into the ring - I've run into this a bunch, and just to break down the way CodeIgniter decides which PDO to use:
So, if your server is able to use mySQLi (and it should be, if your PHP version is throwing deprecated errors), the only reason we would move to 2 would be if the DB connection had trouble connecting to the MySQL server (and thus, we would get DEPRECATED warnings.) So, in a nutshell - could you check to make sure that your DB connection settings are correct, and that you don't have any errors in either your apache, codeigniter, or mysql logs? Lucas
On Sat, Jun 25, 2016 at 7:23 PM, Craig Dietrich notifications@github.com wrote:
Hi @paulshannon https://github.com/paulshannon,
Sorry it took me so long to circle back to this. As to the deprecation warning, CodeIgniter should only get to 'mysql_escape_string' in the event that mysqli_real_escape_string() doesn't exist (this is from system/database/drivers/mysqli/mysqli_driver.php):
if (function_exists('mysqli_real_escape_string') AND is_object($this->conn_id)) { $str = mysqli_real_escape_string($this->conn_id, $str); } elseif (function_exists('mysql_escape_string')) { $str = mysql_escape_string($str); } else { $str = addslashes($str); }
Odd thing is, why would your system have mysqli operating, but the function 'mysqli_real_escape_string' not exist?
Here's some simple PHP that I ran on scalar.usc.edu, it returned "1",
echo 'mysqli_real_escape_string exists? '; echo function_exists('mysqli_real_escape_string');
Curious your thoughts?
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/anvc/scalar/pull/31#issuecomment-228580629, or mute the thread https://github.com/notifications/unsubscribe/ABWWCHmflzo9KSxOCFtqOaqsEM9UMLGzks5qPeKHgaJpZM4HhAS8 .
No particular thoughts on this @craigdietrich; I'm at a new job and don't use PHP much,
@paulshannon Ah, okay, no worries. Are you still working with Scalar?
Nope.
Remove DEPRECATED php warnings (mysqli and other are throwing them in recent php installs)