Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

mysql_real_escape_string not using current DB connection


Go to End


3 Posts   1728 Views

Avatar
sirocco

Community Member, 14 Posts

24 August 2014 at 2:26am

Edited: 24/08/2014 3:34am

Hi

This something weird I cannot figure out. Basically:

I have two environments, DEV and STAGING, with the same revision of my codebase deployed on each (SilverStripe 3.1).

I have a call to mysql_real_escape_string used in a Page method.

The code works fine in my DEV environment, but in STAGING I am getting the error:

[Warning] mysql_real_escape_string(): Access denied for user 'www-data'@'localhost' (using password: NO)

This is very strange, as it looks like the mysql_real_escape_string method in my STAGING environment is behaving as though there is no currently open DB connection at the time of invocation, and so is trying to open a new connection with default (apache user, no password etc.) connection details, and obviously failing.

I have verified that there is indeed an open DB connection just prior to this call in STAGING by doing:

 Debug::show(DB::getConn());

This outputs:

MySQLDatabase::__set_state(array( 
'dbConn' => mysqli::__set_state(array( 'affected_rows' => NULL, 'client_info' => NULL, 'client_version' => NULL, 'connect_errno' => NULL, 'connect_error' => NULL, 'errno' => NULL, 'error' => NULL, 'field_count' => NULL, 'host_info' => NULL, 'info' => NULL, 'insert_id' => NULL, 'server_info' => NULL, 'server_version' => NULL, 'stat' => NULL, 'sqlstate' => NULL, 'protocol_version' => NULL, 'thread_id' => NULL, 'warning_count' => NULL, )), 
'active' => true, 
'database' => 'cms1_svn_1234_rc1', 
'supportsTransactions' => true, 'supressOutput' => false, 'tableList' => NULL, 'fieldList' => NULL, 'indexList' => NULL, 'schemaIsUpdating' => false, 'schemaUpdateTransaction' => NULL, ))

Am very confused. There is obviously something different between my DEV and STAGING setups. The codebase is identical, and while the specifics of the DB connection are different (different database names, users, etc) between the two that doesn't account for this issue. The STAGING environment has no problem accessing the DB - all the content is served correctly (even during the request where this issue arises).

Can anybody think of why this function call is behaving this way in one environment and not another?

Thanking anyone in advance!

UPDATE: just in case anyone is wondering, the reason I'm using this function in the first place is because a SQLQuery is using a slightly more complicated than run-of-the-mill query for which the standard parameter binding constructs can't be used.

Avatar
(deleted)

Community Member, 473 Posts

24 August 2014 at 11:54am

This is because you're using the mysql functions whereas SilverStripe uses MySQLi. Use DB::getConn()->addSlashes() instead.

Avatar
sirocco

Community Member, 14 Posts

24 August 2014 at 11:37pm

Many thanks! Have updated that and works without issue.

Still confused as to why it seemed to be working in my DEV env, but how and ever....