I am new to PHP and my sql. I created i register form for users to registee but i get this error
Fatal error:uncaught Error:Call to undefined mysql_real_escape_string()
. here is my code.
<?php
session_start();
$db = mysqli_connect("localhost", "dbnameuser","password","dbname");
if (isset($_POST['register_btn'])){
session_start();
$username = mysql_real_escape_string($_POST['username']);
$email = mysql_real_escape_string($_POST['email']);
$password = mysql_real_escape_string($_POST['password']);
$password2 = mysql_real_escape_string($_POST['password2']);
if ($password == $password2){
$password =md5($password);
$sql = "INSERT INTO users(username,email,password) VALUES('$username','$email,'$password')";
mysqli_query($db, $sql);
$_SESSION['message'] = "You are now logged in";
$_SESSION['username'] = $username;
header("location: home.php");
}else{
$_SESSION['message'] = "The two passwords do not match";
}
}
?>
What I have tried:
I searched online and this site seems to have more info on the fix e.g
mysql_real_escape_string() extension
is removed, i dont know what exact syntax to enter for the
MySQLi or PDO_MySQL extension
they sugggest to use .