1

I've been using phpdao2.6 on a local Mac MAMP installation and another remote red hat linux server fine. I've recently moved to an EC2 amazon ubuntu flavour and installed a LAMP set up.

Suddenly I've found I'm getting mysql connection errors, but not always:

[09-Jul-2013 21:09:11 Australia/Sydney] PHP Warning:  mysql_real_escape_string(): Access denied for user 'ec2-user'@'localhost' (using password: NO) in /var/www/html/mycobber/class/sql/SqlQuery.class.php on line 40

[09-Jul-2013 21:09:11 Australia/Sydney] PHP Warning:  mysql_real_escape_string(): A link to the server could not be established in /var/www/html/mycobber/class/sql/SqlQuery.class.php on line 40

I only get these errors on functions in the MyObjectMySqlExtDAO.class.php if I'm using the 

$sql .= 'and ca.enabled = ? ';

.....

$sqlQuery = new SqlQuery($sql);

$sqlQuery -> set('Y');

style syntax. If I change this syntax to ..

$sql .= " and ca.enabled = 'Y' ";

It works fine. I'm at a loss to understand why this is happening and I don't want to use the second method as the input is not sanitized.

I suspect the issue is a php setting of some kind.

On the EC2 instance I'm using:

php: 5.3.26
apache: Apache/2.2.24 (Amazon)

My local MAMP setup is

php: 5.4.10
apache: Apache/2.2.23 (Unix)

Any ideas out there?

Charles
  • 50,943
  • 13
  • 104
  • 142
sapatos
  • 1,292
  • 3
  • 21
  • 44
  • this error says your password is wrong Access denied for user 'ec2-user'@'localhost' (using password: NO) – Sundar Jul 10 '13 at 11:08
  • 1
    A link to the server could not be established this error confirm this something went wrong like hostname, username, password – Sundar Jul 10 '13 at 11:09
  • possible duplicate of [MySQLi & mysql\_real\_escape\_string() Errors](http://stackoverflow.com/questions/5080953/mysqli-mysql-real-escape-string-errors) – Charles Jul 10 '13 at 17:12

2 Answers2

1

So that escaping can take the current connection character set into account, mysql_real_escape_string needs an active connection to the database. According to linked manual page:

If the link identifier is not specified, the last link opened by mysql_connect() is assumed. If no such link is found, it will try to create one as if mysql_connect() was called with no arguments. If no connection is found or established, an E_WARNING level error is generated.

Emphasis added.

In this DAO library, the connection is opened by invoking ConnectionFactory::getConnection(). You'll need to ensure that there's an active connection before performing placeholder substitution.

Please be aware that the code quality of this library leaves something to be desired. It's also hard-coded to use the deprecated mysql_ family of functions. You probably should not rely on this library being usable in future versions of PHP.

Charles
  • 50,943
  • 13
  • 104
  • 142
  • Hi Charles, yes I'd noticed this but was making use of the 'build php objects from tables' component during a quick dev phase, I'm going to swap out the library later on. thanks for the input. – sapatos Jul 11 '13 at 23:02
0

The solution to this issue was to include the connection as the second parameter to the mysql_real_escape_string function. Looks like on the EC2 ubuntu instance it didn't like it without this.

mysql_real_escape_string($string, $resource)

http://php.net/manual/en/function.mysql-real-escape-string.php

sapatos
  • 1,292
  • 3
  • 21
  • 44