Showing Error in a php function - php

I have declared a function called test_input in my php script,which working absolutely fine in another scripts.
It shows error
Fatal error: Uncaught Error: Call to undefined function test_input() in C:\xampp\htdocs\submitdata\cwisubmit.php:25 Stack trace: #0 {main} thrown in C:\xampp\htdocs\submitdata\cwisubmit.php on line 25
My php script is:
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Database Connected SUCCESSFULLY";
if($_SERVER["REQUEST_METHOD"]=="POST") {
// Variables initialization
$fname=$lname=$dob=$phone=$email=$postcode=$staddress=$city=$lan=$lcwi=$ptype=$mhtype="";
// Retrieving the data from the form
$fname=test_input(mysqli_real_escape_string($conn,$_POST['fname']));
$lname=test_input(mysqli_real_escape_string($conn,$_POST['lname']));
$dob=test_input(mysqli_real_escape_string($conn,$_POST['dob']));
$phone=test_input(mysqli_real_escape_string($conn,$_POST['phone']));
$email=test_input(mysqli_real_escape_string($conn,$_POST['email']));
$postcode=test_input(mysqli_real_escape_string($conn,$_POST['postcode']));
$staddress=test_input(mysqli_real_escape_string($conn,$_POST['staddress']));
$city=test_input(mysqli_real_escape_string($conn,$_POST['city']));
$lan=test_input(mysqli_real_escape_string($conn,$_POST['lan']));
$lcwi=test_input(mysqli_real_escape_string($conn,$_POST['lcwi']));
$ptype=test_input(mysqli_real_escape_string($conn,$_POST['ptype']));
$mhtype=test_input(mysqli_real_escape_string($conn,$_POST['mhtype']));
function test_input($data) {
$data=trim($data);
$data=stripslashes($data);
return $data;
}
//sql insert
$sql="INSERT INTO cwi(fname, lname, dob, phone, email, postcode, staddress, city, lan, lcwi, ptype, mhtype) VALUES('$fname','$lname','$dob','$phone','$email','$postcode','$staddress','$city','$lan','$lcwi','$ptype','$mhtype')";
if($conn->query($sql)===TRUE){
echo "<center>RECORDS UPDATED SUCCESSFULLY</center>";
}else{
echo "Error: ".$sql."<br>".$conn->error;
}
}
$conn->close();
?>
Please check this code whether there is error in my code or why its returning this error


PHP functions can be called before defining it because PHP parses the file first and then executes it. But here is the twist.
Functions that are enclosed in a conditional statement(if else) will
not be parsed. It will be only available after PHP interprets if
So, You have to move your function outside of IF block like
if(condition){
//your code
}
//Your function
function test_input($data){
$data=trim($data);
$data=stripslashes($data);
return $data;
}


define your test_input() function outside of
if($_SERVER["REQUEST_METHOD"]=="POST"){
and your code
if($_SERVER["REQUEST_METHOD"]=="POST"){
seems miss "}"


Changes are made to the code try this. It should work fine.
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error)
{
die("Connection failed: " . $conn->connect_error);
}
echo "Database Connected SUCCESSFULLY";
if($_SERVER["REQUEST_METHOD"]=="POST"){
//Variables initaition
$fname=$lname=$dob=$phone=$email=$postcode=$staddress=$city=$lan=$lcwi=$ptype=$mhtype="";
//Retrieving the data from the form
$fname=test_input(mysqli_real_escape_string($conn,$_POST['fname']));
$lname=test_input(mysqli_real_escape_string($conn,$_POST['lname']));
$dob=test_input(mysqli_real_escape_string($conn,$_POST['dob']));
$phone=test_input(mysqli_real_escape_string($conn,$_POST['phone']));
$email=test_input(mysqli_real_escape_string($conn,$_POST['email']));
$postcode=test_input(mysqli_real_escape_string($conn,$_POST['postcode']));
$staddress=test_input(mysqli_real_escape_string($conn,$_POST['staddress']));
$city=test_input(mysqli_real_escape_string($conn,$_POST['city']));
$lan=test_input(mysqli_real_escape_string($conn,$_POST['lan']));
$lcwi=test_input(mysqli_real_escape_string($conn,$_POST['lcwi']));
$ptype=test_input(mysqli_real_escape_string($conn,$_POST['ptype']));
$mhtype=test_input(mysqli_real_escape_string($conn,$_POST['mhtype']));
//sql insert
$sql="INSERT INTO cwi(fname, lname, dob, phone, email, postcode, staddress, city, lan, lcwi, ptype, mhtype) VALUES('$fname','$lname','$dob','$phone','$email','$postcode','$staddress','$city','$lan','$lcwi','$ptype','$mhtype')";
if($conn->query($sql)===TRUE){
echo "<center>RECORDS UPDATED SUCCESSFULLY</center>";
}else{
echo "Error: ".$sql."<br>".$conn->error;
}
}
$conn->close();
function test_input($data)
{
$data=trim($data);
$data=stripslashes($data);
return $data;
}
?>

Related

Processing my form with PHP is not working

on line 1 of my page i required the connection file before going on to write my code. at this point i think it is supposed to work but can not figure out why it didn't. please some one who knows better help me.
Can you help me with a sample PHP code for inserting data into mysql database using PHP, mysqli?
Thank you again in advance.

You can use this code for insert data to mysql DB using php and mysqli
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO MyGuests (firstname, lastname, email)
VALUES ('John', 'Doe', 'john#example.com')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>

Call MySQL stored procedure from PHP

I have looked at several examples on how to call a MySQL stored procedure from PHP but none have helped me. The stored procedure works when run inside PHPMyAdmin but I am having trouble calling it from the web.
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "dbname";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$result = mysqli_query($conn,"CALL standings_build()");
if (mysqli_query($conn,$sql))
header('refresh:1; url=schedule_main_scores.php');
else
echo "failed";
?>

There's 2 problems here.
You're querying twice and using the wrong variable, being $sql instead of $result.
$result = mysqli_query($conn,"CALL standings_build()");
if (mysqli_query($conn,$sql))
^^^^^^^^^^^^ calling the query twice
^^^^ wrong variable, undefined
all that needs to be done is this:
if ($result)
and an else to handle the (possible) errors.
Error reporting and mysqli_error($conn) would have been your true friends.
http://php.net/manual/en/function.error-reporting.php
http://php.net/mysqli_error
Side note: You really should use proper bracing techniques though, such as:
if ($result){
echo "Success";
}
else {
echo "The query failed because of: " . mysqli_error($conn);
}
It helps during coding also and with an editor for pair matching.

Why does Mozilla insert duplicate rows? php/sql

So, i got this code:
<?php
$servername = "localhost";
$username = "**";
$password = "**";
$dbname = "TestDB";
// Create connection
$conn = new mysqli($servername, $username, $password,$dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully<br>";
$ip = $_SERVER['REMOTE_ADDR'];
$sql = "INSERT INTO testdata (id,address,count) VALUES (DEFAULT,'$ip',1) ON DUPLICATE KEY UPDATE count=count+1";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully<br>";
} else {
echo "Error: " ;
}
$conn->close();
?>
With this code ip-addresses of customers are saved and it should increase count by 1 every time they return to the website. When i visit database.php directly it works like it should in every browser, but when i call the php-file via the index.html-page it counts up twice (most of the times, not always) in Mozilla, other browsers no problem, the code in html-file:
<img style="display: none;" src="http://servername/database.php?">
Anyone know why? Please help, i'm really stuck here

php store session variable in mysql database

I have a website in PHP. I try to store the session variable $_SESSION['user_name'] to a mysql database when a logged in user visits a specific webpage on my site.
<?php
$servername = "localhost";
$username = "user1";
$password = "user1";
$dbname = "payment";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = 'INSERT INTO users
VALUES ('.$_SESSION['user_name'].')';
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
Error message:
Notice: Undefined variable: _SESSION in /opt/lampp/htdocs/succes.php on line 16
Tried a bunch of things but can't figure it out. What is wrong here?

You need to call session_start() at the beginning of your script (before using any $_SESSION variables). Also, you need quotes around the variable in you query:
$sql = 'INSERT INTO users
VALUES ("'.$_SESSION['user_name'].'")';
Please note that this is not safe; you are wide open to SQL injection. Instead, you should use prepared statements:
<?php
$servername = "localhost";
$username = "user1";
$password = "user1";
$dbname = "payment";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = 'INSERT INTO users
VALUES (?)';
$stmt = $conn->prepare($sql);
$stmt->bind_param('s', $_SESSION['user_name']);
if ($stmt->execute()) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>

Before you use any $_SESSION variables you need to call session_start().
Of topic a bit though, something to look into PDO. It can be a bit a tad slower than mysqli() however supports many more Database types. Here is a good article on Tuts+ explaining some of the differences as well as explaining essential security steps.
If I could be a bit biased I have created a PHP Class for PDO Connections which can be found on GitHub

escape-data mysqli function wont work

I am trying to move from mysql to mysqli. I am connecting fine and simple queries seem to work. However, I want an escape_date function and it keeps tell me that
Notice: Undefined variable: conn in $data =
mysqli_real_escape_string($conn, $data);
here's my code. The function is called when the form data is being processed.
ini_set('display_errors',1);
error_reporting(E_ALL);
// connect to the database
$servername = "localhost";
$username = xxx;
$password = xxx;
$dbname = xxx;
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
} else {
echo '<p>you are connected</p>';
}
// escaping data function
function escape_data($data){
// address magic quotes
if (ini_get('magic_quotes_gpc')){
$data = stripslashes($data);
}
$data = mysqli_real_escape_string($conn, $data);
//return the escaped value
return $data;
}

You got $conn nowhere within scope of escape_data(). Pass it as argument

Categories