Warning: mysql_real_escape_string()?

my code-

$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);

but it throws warning-

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'ODBC'@'loc开发者_Python百科alhost' (using password: NO) in C:\xampp\htdocs\pics\confirm_login_credentials.php on line 3

and

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in C:\xampp\htdocs\pics\confirm_login_credentials.php on line 3

mysql_real_escape_string requires an established link to the database to distinguish the actually used character encoding:

Note: A MySQL connection is required before using mysql_real_escape_string() otherwise an error of level E_WARNING is generated, and FALSE is returned. If link_identifier isn't defined, the last MySQL connection is used.

It seems that you don’t have that when calling mysql_real_escape_string.

http://www.webmasterworld.com/php/3120893.htm

You need the database link before anything else.

mysql_real_escape_string() takes a connection handler and escapes the

string according to the current character set. Although depreciated, mysql_escape_string [us3.php.net] doesn't need a connection