I am working on a food Restaurant Website and whenever I try to submit the data to the database it displays: Unknown database foodies. "foodies" is the name of my database. I have also gone inside the phpmyadmin to confirm that my database "foodies" is existing, I also confirmed that every columns are created correctly. But I don't know why it keeps on displaying Unknown database foodies. Please I need help. below is the code:
<?php
if(isset($_POST['submit']))
{
// if button is clicked
//1. This code will get the data from the form.
$full_name = $_POST['full_name'];
$username = $_POST['username'] ;
$password = md5($_POST['password'] ); //password encrypted with md5
// 2.the sql query will send the collected from the form to the database
$sql = " INSERT INTO admin_1 SET
full_name ='$full_name',
username = '$username',
password ='$password'
";
// 3.This will execute the query and save it into the database
$conn = mysqli_connect('localhost','root','<password>') or die(mysqli_error($conn));
$db_select = mysqli_select_db($conn,'foodies') or die(mysqli_error($conn));
$res = mysqli_query($conn, $sql) or die(mysqli_error($conn));
}
?>
Related
I'm new to PHP and I'm going to try to explain it the way I could :D. I'm trying to accomplish when the user logged in (using username and password), it opens a new page with the users name, address etc.
In my database table, I have a username, password, name and address.
I was able to accomplish the login page using session but would like to how to get/fetch those information like name and address to the new page it opens.
Thank you,
MD :)
correct me if i'm wrong.
Here is how u fetch the information from a certain table by using PHP and MySQL(PhpMyAdmin) database.
$conn = mysqli_connect("localhost", "root", "", "hotel"); //Connecting to the database
if($conn){
$sql = "SELECT USER_NAME, USER_PASS FROM USER"; //SELECT statement
$result = $conn->query($sql); //Executing the statement
if(mysqli_query($conn, $sql)){ //If query success
while($row = $result->fetch_assoc()){ //While loop to retrieve all data
$user = $row["USER_NAME"]; //Assign Column USER_NAME in database to $user
$pass = $row["USER_PASS"]; //Assign Column USER_PASS in database to $pass
echo $user."</br>".$pass."</br>"; //Displaying the content
}
}else{
echo "Query failed";
}
}else{
die("Fatal Error");
}
$conn->close(); //Close the database connection
I'm creating a signup form and am onto the confirmation email part. I want to find all values associated with one other value in a database.
Ex. I get the "key" that is in the URL, then want to find all the values associated with it. In my database there are 4 columns: STR (the key), USERNAME, PASSWORD, and EMAIL. If I get STR I want to get the username, password, and email that are in the same row as the key and then insert it into another table in the same database.
verify.php:
<?php
$username = $_GET['username'];
$password = $_GET['password'];
$email = $_GET['email'];
$servername = "localhost";
$user = 'usernamelol';
$pass = 'passwordlol';
$dbname = 'vibemcform';
$str = $_GET['str'];
$conn = new mysqli($servername, $user, $pass, $dbname);
/* The variable query gets the "key" from the dont database. I want to compare that value with the other values associated with it. Ex. the variables in the same row as the key. */
$query = mysqli_query($conn, "SELECT * FROM `dont` WHERE STR='".$key."'");
/* Below is my attempt. Feel free to change whatever you want. */
$sql = "SELECT USERNAME, PASSWORD, EMAIL FROM dont";
$result = $conn->query($sql);
if (!$query) {
die('Error: ' . mysqli_error($con));
}
if (mysqli_num_rows($query) > 0) {
if ($result -> num_rows > 0) {
while ($row = $result->fetch_assoc()) {
$sqltwo = "INSERT INTO data (USERNAME, PASSWORD, EMAIL) VALUES ($row["USERNAME"], $row["PASSWORD"], $row["EMAIL"])";
}
}
}
echo 'Successfully verified your email!'; exit;
?>
Why not simpy use the insert ... select syntax?
insert into data(username, password, email)
select username, password, email from dont where str = :key
You can run this query right ahead, and then check how many rows were affected:
If no row was affected, then it means that the select did not bring a row back: so the :key was not found in the database
If a row was affected, then the key was found and the executed row was inserted
Note that you should use parametrized queries so your code is safe from SQL injection (and more efficient as well); recommended reading How can I prevent SQL injection in PHP??
I'm making a secret diary website for mysql practice. I've set up 4 columns to accept an id, email, password, and diary entry. The id is the primary key and auto increments whenever I use a query to insert the $_POST['email'] and $_POST['password']. I've successfully been able to add fake entries into the database so that isn't my issue. I'm following a video guide on how to do this and the instructor uses the method mysqli_real_escape_string() with the POST variable inside before inserting into the database and whenever I use it, only blank text is entered into my database. Whenever I don't use that method, my query writes to my db successfully. Can anyone explain why this is?
I've implemented checks prior to the following php code to add to my $error variable if the user doesn't fill in a field or enters incorrect email format.
if (!empty($error)) {
$error = '<p><strong>There were error(s) in your sign-up:</strong></p>'.$error;
} else {
print_r($_POST);
//$emailInput = mysqli_real_escape_string($_POST['email']);
$emailInput = $_POST['email'];
//$passwordInput = mysqli_real_escape_string($_POST['password']);
$passwordInput = $_POST['password'];
$query = "INSERT INTO `users` (`email`, `password`) VALUES ('$emailInput', '$passwordInput')";
if($result = mysqli_query($link, $query)) {
echo "Sign Up Successful";
} else {
$error .= "<p>Could not sign you up - please try again</p>";
}
}
}
I am new at PHP and I'm trying to create a profile page whereby the user is able to view their information which they inserted when signing up to the website.
At first I'm attempting this with just their first name, so that whoever is logged in can see what first name they have saved on the database.
I have a included "checklog.php" page which includes
<? php session_start(); ?>;
And in my page, when i use;
echo $_SESSION['username']
The user's username is printed out fine.
So i've tried to apply this in mysqli query in order to print out their first name from the database like this;
<?php
if($db_server){
$query = "SELECT firstname FROM users WHERE username=$_SESSION['username']";
$result = mysqli_query($db_server, $query) or
die(mysql_error($db_server));
if (!$result) die('Query failed: ' . mysqli_error($db_server));
while($row = mysqli_fetch_array($result)){
echo $row['firstname'];
}
}
mysqli_free_result($result);
?>
But I get an error on line 15 which is the SQL statement, can someone tell me what I'm doing wrong in my statement?
First of all add session_start(); in the top of the PHP code..
<?php
session_start();//<-- Here
Second.. rewrite your query like this..
$query = "SELECT firstname FROM users WHERE username= '".$_SESSION['username']."'";
I have a registration script where the user id is saved as a session variable after registration and the user is redirected to their homepage. For some reason the user id is not being stored in the session variable. This exact same script worked on a different project, I simply took the project and changed the database connection settings and now it's not working.
Here is the registration script:
mysqli_connect($db_host, $db_user, $db_pass) OR DIE (mysqli_error());
// select the db
mysqli_select_db ($link, $db_name) OR DIE ("Unable to select db".mysqli_error($db_name));
// our sql query
$sql = "INSERT INTO seekers (first_name, last_name, username, email, password, salt) VALUES ('$firstName', '$lastName', '$username', '$email', '$hashedPW', '$salt');";
//save the updated information to the database
$result = mysqli_query($link, $sql) or die("Error in Query: " . mysqli_error($link));
if (!mysqli_error($link)) {
$row = mysqli_fetch_assoc($result);
$_SESSION['user_id'] = mysqli_insert_id($link);
$_SESSION['loggedin'] = TRUE;
header("Location: ../index.php");
}
And here is the session checking and db query on the protected page:
session_start();
if(isset($_SESSION['loggedin']) && $_SESSION['user_id'] != 'user_id') {
include_once('includes/user.header.php');
//set user_id
$user_id = $_SESSION['user_id'];
//include the logged in user header
include_once('includes/user.header.php');
//select user information according to their logged in user_id
$sql = $link->query('SELECT * FROM seekers WHERE id = "'.$user_id.'"');
$row = mysqli_fetch_assoc($sql);
//create piece name together
$firstName = $link->real_escape_string($row['first_name']);
$lastName = $link->real_escape_string($row['last_name']);
$fullName = $firstName. " " .$lastName;
//get username
$username = $link->real_escape_string($row['username']);
When I am redirected to the index.php page, everything looks fine, except none of the user information is being queried from the DB.
Can anyone see what is wrong here? I know it's got to be something little and I'm just over looking it.
Please any help would be greatly appreciated.
EDIT: All information is being stored in the database successfully as well.
You are trying to use user_id without a select query ... indeed you must get the last insert id
changed line ;
$_SESSION["user_id"]=mysql_insert_id();
and
if (!mysqli_error($link))
should be
if (!mysqli_error($result))
and
$sql = $link->query('SELECT * FROM seekers WHERE id = "'.$user_id.'"');
to
$sql = $link->query('SELECT * FROM seekers WHERE user_id = "'.$user_id.'"');