Problem with the "quote" PDO function

[fomalhaut]

Hello.

I try to use the quote function of PDO to escape a string issued from a form. The connection with the DB seems to be establish, but I've this message :

Fatal error: Call to a member function quote() on a non-object in /home/user/public_html/functions.php on line 5

that's the function I use :

PHP Code:

include ('DB_Connect.inc');
include ('functions.php');
$ut = $_POST['utilisateur'];
$pa = safe($_POST['upass']); 


the script after that isn't executed because of the error.

That's the included DB_Connect.inc :

PHP Code:

<?php
//on se connecte à la database
$db  = DB_name;
$dbh = new PDO("mysql:host=localhost;dbname=$db", 'user', 'password');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
?>

and the functions.php :

PHP Code:

<?php
// ce fichier est un include php
function safe($v) {
// return mysql_real_escape_string($var);
$ret = $dbh->quote($v);
return $ret;
}
?>

I don't understand why that doesn't work ! Fore, I used a mysql_real_escape_string with a mysql connection (out of PDO) but all the rest of my script's access to DB was written with PDO. I'd like to uniformize, using only one connection via my include file DB_Connect.inc !!!

Am I on the wrong way ?

Thank you for your help.

[misson]

You need to declare $dbh as global within function safe($v), or pass $dbh as a parameter.

[fomalhaut]

Thanks, Misson, that was rather simple ! :nuts:

I declare it as global... and it works !