Im trying to convert mysql_real_escape_string() into mysqli and have been trying with:
$mysqli->real_escape_string($this->email);
However this brings up an error and doesn't seem to work. The error:
Undefined variable: mysqli in..
... Which refers to this line: $mysqli->real_escape_string($this->name),
Any suggestions on how I get this to work in my setup?
class registerForm {
var $name;
var $email;
function registerContactFormular(){
}
function init() {
//some different init stuff
return true;
}
function save() {
if(isset($_REQUEST['field'])) {
$sql = sprintf("
INSERT INTO contact (
name,
email)
VALUES ('%s','%s','%s)",
mysqli_real_escape_string($this->name),
mysqli_real_escape_string($this->email));
$res = mysql_query($sql) or die( mysql_error());
}
if($res) {
return true;
}
}
}