Joomla access denied for www-data while using mysql_real_escape_string()

Question

I have used mysql mysql_real_escape_string($somevariable) in my code developed using Joomla! api. Everything is working perfectly except that this question is showing error.

mysql_real_escape_string(): Access denied for user 'www-data'@'localhost' (using password: NO) in /var/www/JOOMLA/components/com_quiz/models/questions.php

I searched on internet and got following solution: create a $con=mysql_connect(....); and pass this as the 2nd parameter in mysql_real_escape_string($somevariable,$con) which works fine.

The thing is I am using Joomla API every where in my code.So ho can i use the default Joomla db object $db =& JFactory::getDBO(); for this??

Basically I want something like $db =& JFactory::getDBO(); mysql_real_escape_string($somevariable,$db)

but it shows error: mysql_real_escape_string() expects parameter 2 to be resource, object given in /var/www/JOOMLA/components/com_quiz/models/questions.php on line 85

Thank you.

Answer 1

If you're using the Joomla database object to do your queries, why would you want to use the mysql library's escaping function? You don't need to. Follow this Joomla wiki entry which shows you how to create properly escaped SQL queries using their DBO.

Answer 2

Use instead $db->quote($somevariable);