From 4aac5d83bda58b18c6a577bcf1599a9afca2d022 Mon Sep 17 00:00:00 2001
From: Philip Olson <philip@php.net>
Date: Fri, 4 Sep 2015 21:04:10 +0000
Subject: [PATCH] Better late than never. Demonstrate that a connection is
 required, and what happens when one is not.

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@337755 c90b9560-bf6c-de11-be94-00142212c4b1
---
 .../functions/mysql-real-escape-string.xml    | 43 +++++++++++++++++++
 1 file changed, 43 insertions(+)

diff --git a/reference/mysql/functions/mysql-real-escape-string.xml b/reference/mysql/functions/mysql-real-escape-string.xml
index bdc20018be..89da8e9972 100644
--- a/reference/mysql/functions/mysql-real-escape-string.xml
+++ b/reference/mysql/functions/mysql-real-escape-string.xml
@@ -77,6 +77,15 @@
   </para>
  </refsect1>
 
+ <refsect1 role="errors">
+  &reftitle.errors;
+  <para>
+   Executing this function without a MySQL connection present will
+   also emit <constant>E_WARNING</constant> level PHP errors. Only
+   execute this function with a valid MySQL connection present.
+  </para>
+ </refsect1>
+ 
  <refsect1 role="examples">
   &reftitle.examples;
   <para>
@@ -98,6 +107,40 @@ $query = sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'",
     </programlisting>
    </example>
   </para>
+  <para>
+   <example>
+    <title><function>mysql_real_escape_string</function> requires a connection example</title>
+    <para>
+     This example demonstrates what happens if a MySQL connection is not
+     present when calling this function.
+    </para>
+    <programlisting role="php">
+<![CDATA[
+<?php
+// We have not connected to MySQL
+
+$lastname  = "O'Reilly";
+$_lastname = mysql_real_escape_string($lastname);
+
+$query = "SELECT * FROM actors WHERE last_name = '$_lastname'";
+
+var_dump($_lastname);
+var_dump($query);
+?>
+]]>
+    </programlisting>
+    &example.outputs.similar;
+    <screen>
+<![CDATA[
+Warning: mysql_real_escape_string(): No such file or directory in /this/test/script.php on line 5
+Warning: mysql_real_escape_string(): A link to the server could not be established in /this/test/script.php on line 5
+
+bool(false)
+string(41) "SELECT * FROM actors WHERE last_name = ''"
+]]>
+    </screen>
+   </example>
+  </para>
   <para>
    <example>
     <title>An example SQL Injection Attack</title>