I have an error like this in my code
Fatal error: Uncaught Error: Call to undefined function
mysql_real_escape_string() in C:\xampp\htdocs\wp\server.php:12 Stack
trace: #0 C:\xampp\htdocs\wp\register.php(1): include() #1 {main}
thrown in C:\xampp\htdocs\wp\server.php on line 12
My code is
$username="";
$email="";
$errors=array();
//conct to sever
$db = mysqli_connect('localhost','registration');
//register button click
if (isset($_POST['register'])){
$username=mysql_real_escape_string($conn,$_POST['username']);
$email=mysql_real_escape_string($conn,$_POST['email']);
$password_1=mysql_real_escape_string($_POST['password_1']);
$password_2=mysql_real_escape_string($_POST['password_2']);
Can someone explain What is the function of mysql_real_escape_string() in php?
Since you're using msqli, you should use the mysqli function:
$username = mysqli_real_escape_string($conn,$_POST['username']);
Related
I am trying to connect to MySQL database with pdo but keep getting this error:
Warning: Use of undefined constant username - assumed 'username' (this will throw an Error in a future version of PHP) in C:\xampp\htdocs\first\index.php on line 2
Warning: Use of undefined constant password - assumed 'password' (this will throw an Error in a future version of PHP) in C:\xampp\htdocs\first\index.php on line 2
Fatal error: Uncaught PDOException: SQLSTATE[HY000] [1045] Access denied for user 'username'#'localhost' (using password: YES) in C:\xampp\htdocs\first\index.php:2 Stack trace: #0 C:\xampp\htdocs\first\index.php(2): PDO->__construct('mysql:host=loca...', 'username', 'password') #1 {main} thrown in C:\xampp\htdocs\first\index.php on line 2
here's my code:
<?php
$pdo = new PDO('mysql:host=localhost;port=3306;dbname=dbname', username, password);
?>
It's because the username and password are not variables. They are missing the $
<?php
$username = 'myUsername';
$password = 'myPassword';
$pdo = new PDO('mysql:host=localhost;port=3306;dbname=dbname', $username, $password);
?>
This question already has answers here:
Fatal error: Call to undefined function mysqli_connect() in... while connecting PHP 5.4.22 and MySQL 5.5 with Apache 2.4.7
(5 answers)
Closed 3 years ago.
I am writing a simple registration code. I want to save username and password in db.
While running the page of registration.php on localhost I got this error.
Fatal error: Uncaught Error: Call to undefined function mysqli_connect() in C:\Users\Ammad Hassan\www\db.php:4 Stack trace: #0 C:\Users\Ammad Hassan\www\registration.php(10): require() #1 {main} thrown in C:\Users\Ammad Hassan\www\db.php on line 4
db.php is shown below
<?php
// Enter your Host, username, password, database below.
$con = mysqli_connect("localhost","root","","register");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
?>
Registration.php
<?php
require('db.php');
// If form submitted, insert values into the database.
if (isset($_REQUEST['username'])){
// removes backslashes
$username = stripslashes($_REQUEST['username']);
//escapes special characters in a string
$username = mysqli_real_escape_string($con,$username);
$password = stripslashes($_REQUEST['password']);
$password = mysqli_real_escape_string($con,$password);
$query = "INSERT into `users` (username, password)
VALUES ('$username', '".md5($password)."')";
$result = mysqli_query($con,$query);
if($result){
echo "<div class='form'>
<h3>You are registered successfully.</h3>
<br/>Click here to <a href='login.php'>Login</a></div>";
}
}else{
?>
I want to run this page so that I can enter in the form.
Check if mysqli library is enabled in your php.ini.
Also consider using PDO instead, it is better and not tied to MySQL.
would like to ask about configuration of XAMPP mySQL database.
I have set my xampp document root to drive D, and now i unable to connect to SQL database and always get error.
Fatal error: Uncaught Error: Call to undefined function mysql_connect() in D:\localserver\connection.php:3 Stack trace: #0 D:\localserver\login.php(4): include() #1 {main} thrown in D:\localserver\connection.php on line 3
the file that handle the connection look like this
<?php
$connect = mysql_connect("localhost","root","");
if(!$connect) {
die ('connection fail!!!');
} else {
print ('connection okay!!!');
}
$connectdb = mysql_select_db('admin_login');
if(!$connectdb) {
die ('connection fail!!!');
} else {
print ('connection okay!!!');
}
?>
The mysql_connect() function is from a library that is deprecated since a couple of years and has been removed in PHP 7.
Use mysqli_connect() or PDO.
UPDATE
You can pass the name of the database into mysqli_connect() and get rid of the extra mysqli_select_db(). If you want to user mysqli_select_db() in procedural style instead of object oriented it expects the link that is returned by mysqli_connect() as the first parameter and the database name as the second one like this:
$link = mysqli_connect("localhost", $user, $password);
$db = mysqli_select_db($link, $dbname);
I have received:
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '5538ac14bb2ca7514f9f4d8826f3c45e'')' at line 1' in C:\xampp\htdocs\register.php:19 Stack trace: #0 C:\xampp\htdocs\register.php(19): PDO->exec('insert into use...') #1 {main} thrown in C:\xampp\htdocs\register.php on line 19.
How can this be solved, like what should be done?
<?php
session_start();
// If the form has been submitted
if (isset($_POST['submitted'])){
// Create a database connection
$db = new PDO("mysql:dbname=johnsoa7_db;host=localhost", "root", "");
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Get and sanitise the inputs, we don't need to do
// this with the password as we hash it anyway
$safe_forename = $db->quote($_POST['forename']);
$safe_lastname = $db->quote($_POST['lastname']);
$safe_email = $db->quote($_POST['email']);
$hashed_password = $db->quote(md5($_POST['password']));
// Insert the entry into the database
$query = "insert into users values (default, $safe_forename, $safe_lastname, $safe_email, '$hashed_password')";
$db->exec($query);
// Get the ID
$id = $db->lastInsertId();
// Output success or the errors
echo "Congratulations! You are now registered. Your ID is: $id";
}
?>
You have an error in this line:
$query = "insert into users values (default, $safe_forename, $safe_lastname, $safe_email,'$hashed_password')";
default should be quoted if it is string.
If it is a variable, you missed $.
Please see the comment by #ceejayoz:
As he said you don't need quoted around $hashed_password...
having an issue with connecting to my DB (been a long long day) - so anyway I am creating a simple search query into my DB but getting scripting errors - so here is my code:
<?php
mysqli_connect("localhost", "my username", "my password");
mysqli_select_db("smudged");
$search = mysqli_real_escape_string(trim($_POST['searchterm']));
$find_image = mysqli_query("SELECT * FROM 'smd_images' WHERE 'img_description' LIKE'%$search%'");
while($row = mysqli_fetch_assoc($find_image))
{
$name = $row['name'];
echo "$name";
}
?>
Here is my error:
search.php on line 4 Warning: mysql_select_db(): A link to the server could not be established in /marble/search.php on line 4 Fatal error: Call to undefined function mysql_real_escape_sring() in /marble/search.php on line 6
Typo. Instead of mysql_real_escape_sring() you probably meant mysql_real_escape_string()