It should be like this:
<?php
$username="***";
$password="***";
$database="***";
mysql_connect("humbug",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$name = mysql_real_escape_string($_POST['name']);
$email = mysql_real_escape_string($_POST['email']);
$comments = mysql_real_escape_string($_POST['comments']);
/*
if (!$name || !$email || !$comments) die();
(or something like that)
*/
$query = "INSERT INTO remarks VALUES ('','$name','$email','$comments')";
mysql_query($query);
mysql_close();
?>
On 12/22/06, Paul Novitski <paul@xxxxxxxxxxxxxxxxxxx> wrote:
>RAFMTD (Ian) wrote:
...
>>$name = mysql_real_escape_string ($_POST['name']);
...
>>mysql_connect("humbug",$username,$password);
...
>>the script fails with the following report Warning:
>>mysql_real_escape_string(): Can't connect to local MySQL server through
>>socket '/var/run/mysqld/mysqld.sock' (2)
At 12/22/2006 05:36 AM, Stut wrote:
>You need to connect to the database before using mysql_real_escape_string.
Ian, this is a perfect example of when it comes in handy to consult
the documentation:
________________________
http://ca.php.net/manual/en/function.mysql-real-escape-string.php
string mysql_real_escape_string ( string unescaped_string [, resource
link_identifier] )
Escapes special characters in the unescaped_string, taking into
account the current character set of the connection....
...
link_identifier
The MySQL connection. If the link identifier is not specified,
the last link opened by mysql_connect() is assumed. If no such link
is found, it will try to create one as if mysql_connect() was called
with no arguments. If by chance no connection is found or
established, an E_WARNING level warning is generated.
________________________
Remember, my son, PHP-general helps those who help themselves.
Piously,
Poop Paul
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
