diff --git a/reference/mysql/functions/mysql-real-escape-string.xml b/reference/mysql/functions/mysql-real-escape-string.xml index bdc20018be..89da8e9972 100644 --- a/reference/mysql/functions/mysql-real-escape-string.xml +++ b/reference/mysql/functions/mysql-real-escape-string.xml @@ -77,6 +77,15 @@ + + &reftitle.errors; + + Executing this function without a MySQL connection present will + also emit E_WARNING level PHP errors. Only + execute this function with a valid MySQL connection present. + + + &reftitle.examples; @@ -98,6 +107,40 @@ $query = sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'", + + + <function>mysql_real_escape_string</function> requires a connection example + + This example demonstrates what happens if a MySQL connection is not + present when calling this function. + + + +]]> + + &example.outputs.similar; + + + + + An example SQL Injection Attack