This question already has answers here:
Single result from database using mysqli
(6 answers)
Closed 5 months ago.
I am trying to retrieve some value from a column in the database.
The idea is to retrieve the IP of the person, then check their country, after that check the database if the country is blacklisted or not. There seems to be something wrong in the code, may you please give an advise?
This is the code:
<?php
//Get IP and country name
$ip=$_SERVER['REMOTE_ADDR'];
$details = json_decode(file_get_contents("https://get.geojs.io/v1/ip/country/$ip.json"));
$country=$details->name;
$servername = "localhost";
$username = "My_Username";
$password = "My_password";
$dbname = "Database_name";
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT country_name FROM uni_country";
$result = $conn->query($sql);
if (strpos($result, $country) == true) {
echo $country ." " . "is banned";
} else {
echo "Your country is not banned";
}
$conn->close();
?>
When I run it, it shows "Your country is not banned" - when it should actually say that my country is banned (I added a country to the database to test this).
The issue seems to be with reading the data from the database.
If I do echo $country; --> It actually shows my country, so it is retrieving it correctly (from geojs.io). But the code is not pulling the data from the database and verifying it.
Update:
If I do echo $result; the page returns Error 500.
Update
tried this new code, now it's saying that the country is not in the database, although it is actually there.
<?php
$ip=$_SERVER['REMOTE_ADDR'];
$details = json_decode(file_get_contents("https://get.geojs.io/v1/ip/country/$ip.json"));
$country=$details->name;
$conn = mysqli_connect("localhost", "database", "password", "username");
$query = mysqli_query("SELECT * FROM `uni_country` WHERE country_name = '$country'");
if(mysqli_num_rows($query)>0) {
echo "Country Is in the database";
}
else {
echo "Country is not in the database";
}
?>
After trying for hours, this is the correct code:
<?php
$ip=$_SERVER['REMOTE_ADDR'];
$details = json_decode(file_get_contents("https://get.geojs.io/v1/ip/country/$ip.json"));
$country=$details->name;
// Create connection
$servername = "localhost";
$username = "MyUsername";
$password = "MyPassword";
$database = "MyDatabase";
$conn = new mysqli($servername, $username, $password, $database);
$sql = "SELECT * FROM uni_country WHERE country_name ='$country'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "You country is currently banned.";
}
} else {
echo "Your country is not banned!";
}
?>
Related
I am trying to figure out a way to have one PHP page to display all of my blog post but have the URL decide what post is requested from that database. Something kind of like this: localhost/bolg/posts.php?pid=1 In my database I have it set up to where each post has an ID associated with it. So what I want is something that put the pid=1 and put it in the MySQL code. Here is the PHP code of the post.php
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT id, title, content, date FROM posts where id =3";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<h1> ". $row["title"]. "</h1>". $row["content"]. "" . $row["date"] . "<br>";
}
} else {
echo "0 results";
}
$conn->close();
?>
Assuming you enter example.com?pid=10 in the browser address bar, you can capture that variable pid using the $_GET (docs) array which PHP automatically fills for you when a page is called with a querystring.
Using your existing code as a start point you can
<?php
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
if (isset($_GET['pid'])) {
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
$sql = "SELECT id, title, content, date FROM posts where id = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('i', $_GET['pid']);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
// output data of each row
// while looop is not necessary, you are only returning one row
$row = $result->fetch_assoc();
echo "<h1> ". $row["title"]. "</h1>". $row["content"]. "" . $row["date"] . "<br>";
}
$conn->close();
} else {
echo "0 results";
}
Notice I took the liberty of amending your database access code to use prepared and parameterised query and binding the values to avoid SQL Injection Attack. You should always use this technique in the future
I Cannot Check whether the username already exist in database. I gone through existing questions that were answered here. None of them solved my problem. When i executes, it displays "Cannot select username from table", which i given inside die block. Code Is given below.
<?php
$username = $_POST['user_name'];
$password = $_POST['pass_word'];
$host = "localhost";
$db_username = "root";
$db_password = "";
$db_name = "my_db";
//create connection
$conn = #new mysqli($host, $db_username, $db_password, $db_name);
if (isset($_POST["submit"]))
{
# code...
//check connection established or not
if ($conn->connect_error)
{
die("Not Connected to DB");
}
else
{
$query = "SELECT 'usernamedb' FROM 'registration' WHERE usernamedb='$username'";
$result = mysqli_query($conn, $query) or die('Cannot select username from table');
if (mysqli_num_rows($result)>0)
{
$msg.="This username already exist. try Another !!";
}
else
{
$insert = "INSERT INTO 'registration'('id', 'usernamedb', 'password') VALUES ([$username],[$password])";
$insert_result = mysqli_query($conn,$insert) or die('INSERTION ERROR');
}
}
$conn->close();
}
?>
Hope someone will answer me.
First of all you should not use those unescaped queries.
But regarding your question you have an SQL error on your queries. You quoted table name. "FROM 'registration'" should be "FROM registration".
This question already has answers here:
Reference - What does this error mean in PHP?
(38 answers)
Closed 6 years ago.
<?php
$servername = "localhost";
$username = "user";
$password = "pass";
$dbname = "test";
$tablename = "mapcoords";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error)
{
echo "Failure";
die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully";
$sql = "SELECT (lat, lng) FROM mapcoords";
$result = $conn->query($sql);
while($row = $result->fetch_assoc())
{
echo "ok";
}
$conn->close();
?>
Here is the code. So like I said, it can connect successfully, but the code won't successfully query. What's weird is that if I copy and paste the same code, which seems to be EXACTLY the same, it works. It makes no sense. I can't find a single difference between their code and my code besides the way they space things and the way I space things. Here is their code:
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT (lat, lng) FROM mapcoords";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo $row["lat"]. " " . $row["lng"] . "<br>";
}
} else {
echo "0 results";
}
$conn->close();
?>
The problem is that this query:
SELECT (lat, lng) FROM mapcoords
returns the folloowing error:
[21000][1241] Operand should contain 1 column(s)
You have to change the query to
SELECT lat, lng FROM mapcoords
This question already has answers here:
Can I mix MySQL APIs in PHP?
(4 answers)
Closed 6 years ago.
i want to fetch a mysql table named "my_table" column named "Email" contents as an array by php , so this is my code :
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "my_table";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$result = mysql_query("SELECT * FROM my_table");
if ($result === FALSE) {
die(mysql_error()); // TODO: better error handling
}
$data = array();
while ($row = mysql_fetch_array($result)) {
$data[] = $row['Email'];
}
echo join($data, ',');
?>
but this code returns me this error :
No database selected
but i've selected my table and database ...
and i know this code have some problems as mixing mysql and mysqli content but i dont know how to fix it i just want that array echo , if this code need to be fixed just guid me ,
how to solve this problem ? thanks in advance
Thanks to #Martin
my problem has solved i just changed the code by this way :
<?php
$servername = "localhost"; $username = "root"; $password = ""; $dbname = "my_db";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname); // Check connection
if ($conn->connect_error) { die("Connection failed: " . $conn->connect_error);}
$result = mysqli_query($conn, "SELECT * FROM my_table");
if($result === FALSE) {
die(mysql_error()); // TODO: better error handling
}
$data = array();
while ($row = mysqli_fetch_array($result))
{
$data[] = $row['Email'];
}
echo join($data, ',')
?>
You are conencting to a database here called "my_table":
$dbname = "my_table";
And then, in your SQL statement, you try connecting to a table called the same:
$result = mysql_query("SELECT * FROM my_table");
Are you sure this is the correct name for your database?
On PHPMyAdmin you can click "Databases" to view the Database names and then, when clicking on the db, it will give you a list of tables:
Image file of getting database views from tables in PHPMyAdmin
I believe my PHP to be functioning perfectly, therefore I think it's a query error. When I proceed, with form details stored in the session... it happily returns my Posted information but doesn't seem to be pulling anything from my database - there is a row in my database containing the email address I am using. Does anybody see anything blatantly wrong with this PHP?
Thanks for your help.
<?php
session_start();
$servername = "localhost";
$username = "privatedbroot";
$password = "not4ulol";
$dbname = "pdb_inventory";
$status = $_GET["action"];
$_SESSION["Cemail"] = $_POST["CEMAIL"];
$_SESSION["Access"] = md5($_POST["ACCESS"]);
$conn = new mysqli($servername, $username, $password, $dbname);
$sql = "SELECT CEMAIL, ACCESS FROM POPU WHERE `CEMAIL`= ".$_SESSION['Cemail'];
echo $sql;
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
if ($_SESSION["Access"] == $row["ACCESS"]){
echo "password correct!";
} else {
echo "password wrong!";
}
}
}else{
echo "ur email is wrong m8.";
}
?>
Try this:
$cemail = $_SESSION['Cemail'];
$sql = "SELECT CEMAIL, ACCESS FROM POPU WHERE `CEMAIL`= '$cemail'";