If statement not working properly while data gets inserted - php

I have created a function which takes three parameters.
My function is simple, it connects to database using pdo but when I call it the data gets inserted, but when I wrap the function inside variable, the if statement doesn't work as expected. My function is just like this
function connect($data,$username,$password){
try { $connect =new PDO($data,$username,$password);
$connect->setAttribute(PDO::ATTR_ERRMODE, ERRMODE_EXCEPTION);
$connect->exec("INSERT INTO data(fname,lname,uname, password) VALUES('raashid','din','dar','wow')");
} catch( Exception $e) {
echo "error occurred". $e->get messages();
}
return;
}
$db =connect("mysql:host=localhost","root","pass");
if($db){
echo "Yes connected";
} else {
echo " not connected";
}
I don't know why if conditional shows not connected while data gets inserted.
Any help will be appreciated.


Empty return; is the same as return null;. And null is considered falsy value, so if($db){ is false and you see the relevant message.
So, you should return another value from your function. For example true when everything is ok and false when exception occured, for example:
function connect($data,$username,$password){
try {
$connect = new PDO($data,$username,$password);
$connect->setAttribute(PDO::ATTR_ERRMODE, ERRMODE_EXCEPTION);
$connect->exec("INSERT INTO data(fname,lname,uname, password) VALUES('raashid','din','dar','wow')");
return true;
} catch( Exception $e) {
echo "error occurred". $e->getMessage();
return false;
}
}

Related

Manage exception on db login instead of showing stacktrace

How do you manage exception, I mean do something when exception occurs instead of printing the stacktrace.
try{
$this->koneksi = new PDO($this->info,$this->user,$this->pass);
$this->koneksi->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);
}catch(SQLException $e){
// instead of executing the following, it just print the stacktrace
echo "error on login";
}
I try also something like
function check(){
$this->koneksi = new PDO($this->info,$this->user,$this->pass);
if ( $this->koneksi){
return true;
}
else {
return false;
}
}
so
if the check function returns false do something, but still just printing the stacktrace.

php mysqli_query error numbers

I'm executing MySQL database querys in my PHP scrpt like this:
function doStuffInDB(){
...
if (($r = mysqli_query($db_conn, $q)) === false) {
throw new Exception(mysqli_error($db_conn));
} else {
//get result
}
...
}
When I call the function which executes the query, I call it like this:
function doStuff(){
try{
doStuffInDB();
}catch(Exception $e){
echo $e->getMessage();
}
}
I would like to write a generic error handler that takes the error number of the error that occurred and returns an error message to the user. Something like:
function doStuff(){
try{
doStuffInDB();
}catch(Exception $e){
echo $feedback = handleError($e->getErrorNumber());
}
}
For me to do this, I need a list of error numbers which can occur while calling mysqli_query() but I can not find any such list. Where can I find this documentation? Any tip on how this error handler (a php function) would look like?

Will the code in finally be run if I have program flow like this?

I was wondering if the following program flow will prevent the finally from being run in this try-catch-finally block due to a return in the try.
Please excuse poor error checking and sanitisation, this is just a mock:
function doLogin() {
$dbh = new PDO('mysql:host=localhost;dbname=test', "root", "");
$errors = array();
$loginSuccess = false;
try {
$query = $dbh->prepare('SELECT *
FROM users
WHERE username = :username');
$query->bindParam(':username', $_POST['username'], PDO::PARAM_STR);
$result = $query->fetch(PDO::FETCH_ASSOC);
if (!password_verify($_POST['password'], $result['password'])) {
array_push($errors, 'Invalid password.');
return; // will this return prevent the finally from being run?
}
else {
$loginSuccess = true;
}
}
catch (PDOException $pdoEx) {
echo 'Error occurred ' . $pdoEx->getMessage();
}
finally {
$dbh = null;
}
}
Code is pretty poorly written, but hopefully you understand my point.

The answer is yes, the code in finally will be run.
For example:
function example() {
try {
return true;
}
catch(Exception $e){
echo "error";
}
finally{
return false;
}
}
var_dump( example() );
Outputs:
bool(false)
It's also (hiddenly) stated in the docs:
In PHP 5.5 and later, a finally block may also be specified after the
catch blocks. Code within the finally block will always be executed
after the try and catch blocks, regardless of whether an exception has
been thrown, and before normal execution resumes.
To my understanding the try block finishes with the return statement. The normal execution is "paused" and the finally executed.

How can I catch the database error without letting it end up dead?

What I'm doing is updating a row using Codeigniter active records. DBMS is PostgreSQL. I want to catch the error without ending up with a screen like below.
If I explain the reason to follow this procedure is, If the update query function is executed correctly without errors there is second function to be executed depending on the return value(true or false) of the 1st function.
I have tried the below methods which do not work.
Method 1
$this->db->where('id', $folio_id);
$this->db->update('folio', $data);
if(!empty($this->db->_error_number()))
{
echo "ERROR";die;
}
Method 2
try
{
$this->db->where('id', $folio_id);
$this->db->update('folio', $data);
}
catch (Exception $e)
{
echo "ERROR";die;
}
All I want to do is return true if the query executed without errors else return false if there are any errors.
How can I catch the database error without letting it end up dead?

I am not sure to understand very well, but why you don't remove the die from the catch ?
$success = true;
try
{
$this->db->where('id', $folio_id);
$this->db->update('folio', $data);
}
catch (Exception $e)
{
echo "ERROR ".$e.getMessage();
$success = false;
}
if ($success) {
...

PHP Try and Catch for SQL Insert

I have a page on my website (high traffic) that does an insert on every page load.
I am curious of the fastest and safest way to (catch an error) and continue if the system is not able to do the insert into MySQL. Should I use try/catch or die or something else. I want to make sure the insert happens but if for some reason it can't I want the page to continue to load anyway.
...
$db = mysql_select_db('mobile', $conn);
mysql_query("INSERT INTO redirects SET ua_string = '$ua_string'") or die('Error #10');
mysql_close($conn);
...

Checking the documentation shows that its returns false on an error. So use the return status rather than or die(). It will return false if it fails, which you can log (or whatever you want to do) and then continue.
$rv = mysql_query("INSERT INTO redirects SET ua_string = '$ua_string'");
if ( $rv === false ){
//handle the error here
}
//page continues loading

This can do the trick,
function createLog($data){
$file = "Your path/incompletejobs.txt";
$fh = fopen($file, 'a') or die("can't open file");
fwrite($fh,$data);
fclose($fh);
}
$qry="INSERT INTO redirects SET ua_string = '$ua_string'"
$result=mysql_query($qry);
if(!$result){
createLog(mysql_error());
}

You can implement throwing exceptions on mysql query fail on your own. What you need is to write a wrapper for mysql_query function, e.g.:
// user defined. corresponding MySQL errno for duplicate key entry
const MYSQL_DUPLICATE_KEY_ENTRY = 1022;
// user defined MySQL exceptions
class MySQLException extends Exception {}
class MySQLDuplicateKeyException extends MySQLException {}
function my_mysql_query($query, $conn=false) {
$res = mysql_query($query, $conn);
if (!$res) {
$errno = mysql_errno($conn);
$error = mysql_error($conn);
switch ($errno) {
case MYSQL_DUPLICATE_KEY_ENTRY:
throw new MySQLDuplicateKeyException($error, $errno);
break;
default:
throw MySQLException($error, $errno);
break;
}
}
// ...
// doing something
// ...
if ($something_is_wrong) {
throw new Exception("Logic exception while performing query result processing");
}
}
try {
mysql_query("INSERT INTO redirects SET ua_string = '$ua_string'")
}
catch (MySQLDuplicateKeyException $e) {
// duplicate entry exception
$e->getMessage();
}
catch (MySQLException $e) {
// other mysql exception (not duplicate key entry)
$e->getMessage();
}
catch (Exception $e) {
// not a MySQL exception
$e->getMessage();
}

if you want to log the error etc you should use try/catch, if you dont; just put # before mysql_query
edit :
you can use try catch like this; so you can log the error and let the page continue to load
function throw_ex($er){
throw new Exception($er);
}
try {
mysql_connect(localhost,'user','pass');
mysql_select_db('test');
$q = mysql_query('select * from asdasda') or throw_ex(mysql_error());
}
catch(exception $e) {
echo "ex: ".$e;
}

Elaborating on yasaluyari's answer I would stick with something like this:
We can just modify our mysql_query as follows:
function mysql_catchquery($query,$emsg='Error submitting the query'){
if ($result=mysql_query($query)) return $result;
else throw new Exception($emsg);
}
Now we can simply use it like this, some good example:
try {
mysql_catchquery('CREATE TEMPORARY TABLE a (ID int(6))');
mysql_catchquery('insert into a values(666),(418),(93)');
mysql_catchquery('insert into b(ID, name) select a.ID, c.name from a join c on a.ID=c.ID');
$result=mysql_catchquery('select * from d where ID=7777777');
while ($tmp=mysql_fetch_assoc($result)) { ... }
} catch (Exception $e) {
echo $e->getMessage();
}
Note how beautiful it is. Whenever any of the qq fails we gtfo with our errors. And you can also note that we don't need now to store the state of the writing queries into a $result variable for verification, because our function now handles it by itself. And the same way it handles the selects, it just assigns the result to a variable as does the normal function, yet handles the errors within itself.
Also note, we don't need to show the actual errors since they bear huge security risk, especially so with this outdated extension. That is why our default will be just fine most of the time. Yet, if we do want to notify the user for some particular query error, we can always pass the second parameter to display our custom error message.

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
I am not sure if there is a mysql version of this but adding this line of code allows throwing mysqli_sql_exception.
I know, passed a lot of time and the question is already checked answered but I got a different answer and it may be helpful.

$sql = "INSERT INTO customer(FIELDS)VALUES(VALUES)";
mysql_query($sql);
if (mysql_errno())
{
echo "<script>alert('License already registered');location.replace('customerform.html');</script>";
}

To catch specific error in Mysqli
$conn = ...;
$q = "INSERT INTO redirects (ua_string) VALUES ('$ua_string')";
if (mysqli_query($conn, $q)) {
// Successful
}
else {
die('Mysqli Error: '.$conn->error); // Show Error Complete Description
}
mysqli_close($conn);

Use any method described in the previous post to somehow catch the mysql error.
Most common is:
$res = mysql_query('bla');
if ($res===false) {
//error
die();
}
//normal page
This would also work:
function error() {
//error
die()
}
$res = mysql_query('bla') or error();
//normal page
try { ... } catch {Exception $e) { .... } will not work!
Note: Not directly related to you question but I think it would much more better if you display something usefull to the user. I would never revisit a website that just displays a blank screen or any mysterious error message.

$new_user = new User($user);
$mapper = $this->spot->mapper("App\User");
try{
$id = $mapper->save($new_user);
}catch(Exception $exception){
$data["error"] = true;
$data["message"] = "Error while insertion. Erron in the query";
$data["data"] = $exception->getMessage();
return $response->withStatus(409)
->withHeader("Content-Type", "application/json")
->write(json_encode($data, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT));
}
if error occurs, you will get something like this->
{
"error": true,
"message": "Error while insertion. Erron in the query",
"data": "An exception occurred while executing 'INSERT INTO \"user\" (...) VALUES (...)' with params [...]:\n\nSQLSTATE[22P02]: Invalid text representation: 7 ERROR: invalid input syntax for integer: \"default\"" }
with status code:409.

Categories