This question already has answers here:
Why shouldn't I use mysql_* functions in PHP?
(14 answers)
Closed 4 years ago.
Here is my php and mysql code. It don't show any data . please tell me where is my error:
<?php
$ddaa = mysql_query("SELECT ref FROM users WHERE id='$uid'");
$mallu2 = mysql_query("SELECT mallu FROM users WHERE id='$ddaa'");
$result = mysql_fetch_array($mallu2);
echo $result['mallu'];
?>
You can use Mysqli,mysql is deprecated
a little example:
conection to db test
$mysqli = new mysqli('127.0.0.1', 'user', 'password', 'test');
if ($mysqli->connect_errno) {
echo "Error: Errot on connection : \n";
echo "Errno: " . $mysqli->connect_errno . "\n";
}
// the query
$sql = "SELECT ref FROM users WHERE id=$uid";
//if don't have result
if ($resultado->num_rows === 0) {
echo "we can't find data with $uid. try again !.";
exit;
}
//print the result
while ($dato = $resultado->fetch_assoc()) {
echo $dato['ref'];
}
Mysqli Php documentation
Related
This question already has answers here:
MySQL date comparison
(7 answers)
Closed 5 years ago.
I have date type input on my site. I want to check if selected date is in the database and also is greater than for example 2017-01-01. I have something like this. How to do that?
if(ISSET($_POST['receipt_date'])) {
$receipt_code=$_POST['receipt_date'];
$checkdata="SELECT receipt_date FROM receipts WHERE receipt_code='$receipt_code' ";
$query=mysql_query($checkdata);
if(mysql_num_rows($query)>0) {
echo "exist";
} else {
echo "ok";
}
exit();
}
Check this snippet :
<?php
$link_to_db = mysqli_connect('localhost', 'my_user', 'my_password', 'my_db');
if(isset($_POST['receipt_date']))
{
$receipt_date = $_POST['receipt_date'];
$recept_datetime = new Datetime($receipt_date); # use \ before it if you using namespaces
$check_data = "SELECT receipt_date FROM receipts WHERE receipt_date = '".$recept_datetime->format('Y-m-d H:i:s')."'";
$query = mysqli_query($link_to_db, $checkdata); # use mysqli instead of mysql functions
if(mysqli_num_rows($query) == 0) {
echo "ok";
}
$check_datetime = new Datetime('2017-01-01 00:00:00');
# work only on php > 5.2.2
if ($receipt_datetime > $check_datetime) {
echo "check OK";
}
}
?>
Hope this helps !
This question already has answers here:
Reference - What does this error mean in PHP?
(38 answers)
Closed 5 years ago.
guys! I'm in trouble with my MySQL database. When I try to access the fields it doesn't return the exact value. Here is the code.
<?php
$host = "localhost";
$user = "******";
$pass = "******";
$db = mysql_connect($host, $user, $pass) or die("Unable to connect. Check your connection parameters.");
mysql_select_db("*****") or die("Unable to select database!");
$form_username=$_POST["username"];
$form_password=$_POST["password"];
$query="
SELECT username, password FROM users
";
$result=mysql_query($query,$db) or die("Unable to send the query".mysql_error());
$index=0;
while($row=mysql_fetch_row($result))
{
$username[$index]=row[0];
$password[$index]=row[1];
$index++;
}
for($i=0; $i<=$index; $i++)
{
if($form_username==$username[$i]&& $form_password==$password[$i])
{
session_start();
$_SESSION["login"]="OK";
header("Location: ************");
die();
}
}
The if statement inside the for operator returns false for every given value. When I echo every username and password like this:
echo $form_username." ".$username[0]." ".$form_password." ".$password[0]."<br>";
echo $form_username." ".$username[1]." ".$form_password." ".$password[1]."<br>";
echo $form_username." ".$username[2]." ".$form_password." ".$password[2]."<br>";
It echo me this:
admin r 12345 o
admin r 12345 o
admin r 12345 o
I really don't know where the problem is.
I'll really appreciate your help.
Should this bit:
while($row=mysql_fetch_row($result))
{
$username[$index]=row[0];
$password[$index]=row[1];
$index++;
}
Read:
while($row=mysql_fetch_row($result))
{
$username[$index] = $row[0];
$password[$index] = $row[1];
$index++;
}
Note missing $ on the variable names.
This question already has answers here:
PHP parse/syntax errors; and how to solve them
(20 answers)
Can I mix MySQL APIs in PHP?
(4 answers)
Closed 5 years ago.
I'm making php chat to my school project. Php code is divided to two files with code. First file is file, where is chat window and text input to enter message. This is the php code of first file:
<?php
$connection = mysql_connect('localhost', 'root', 'root');
if (!$connection) {
die('<b>Can\'t connect to database server. Error message: ' . mysql_error() . '</b>');
}
$database = mysql_select_db('vaclavik', $connection);
if (!$database) {
$command = 'CREATE DATABASE vaclavik';
if (mysql_query($command, $connection)) {
echo '<b>Database wasn\'t found. New one has been created. </b>';
mysql_close($connection);
$connection = new mysqli('localhost', 'root', 'root', 'vaclavik');
$command = 'CREATE TABLE chat(datum DATETIME, zprava TEXT)';
if (mysqli_query($connection, $command)) {
die('New table has been created!');
}
else {
die('Can\'t create new table!');
}
}
else {
die('Database wasn\'t found and new one can\'t be created!');
}
}
mysql_close($connection);
$connection = mysqli_connect('localhost', 'root', 'root', 'vaclavik');
$command = 'SELECT * FROM chat';
$result = mysqli_query($connection, $command);
if(empty($result)) {
$command = 'CREATE TABLE chat(datum DATETIME, zprava TEXT)';
if (mysqli_query($connection, $command)) {
die('New table has been created');
}
else {
die('New table can\'t be created');
}
}
if (mysqli_num_rows($result) > 0) {
while($row = $result->fetch_assoc()) {
echo '<b>' . $row["datum"] . ":</b> " . $row["zprava"] . "<br />";
}
}
else {
echo '<b>No message found. Write something! :)</b>';
}
mysqli_close($connection);
?>
This code works. Then I created form to input message. It redirects to another file with php code to insert message into database. Problem is, if I put code with no error detections, it does nothing. And when I put there some error protetions, php starts report Parse errors with unexpected chars in code. Commonly '{' and 'echo'.
This is code of second file:
<?php
$message = $_POST["chatinput"];
$connection = mysqli_connect('localhost', 'root', 'root', 'vaclavik');
$command = "INSERT INTO chat (datum, zprava) VALUES (\'" . date("Y-m-d, h:i:sa") . "\', \'" . $message . "\')";
mysqli_query($connection, $command);
mysqli_close($connection);
echo "<script>window.location = \"../chat.php\"</script>";
?>
This question already has answers here:
How can I prevent SQL injection in PHP?
(27 answers)
Closed 7 years ago.
I know this has been asked many times before but I'm still stumped.
I'm obviously missing something but I have been unable to figure out how to successfully escape the apostrophe when sending a mysql query from php. Why does this not work when everything I have read says it should.
<?php
$title = "havin' fun";
$con=mysqli_connect($server,$username,$password,$database);
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$title = mysqli_real_escape_string($title);
$result = mysqli_query($con,"SELECT id,artist,title FROM songs WHERE title = '$title'");
if($result) {
while($row = mysqli_fetch_assoc($result)) {
$id = $row['id'];
$artist = $row['artist'];
$title = $row['title'];
echo $id.' - '.$artist.' - '.$title.'<br>';
}
}else echo 'No Results';
mysqli_close($mysqli);
?>
$title = mysqli_real_escape_string($title);// add another parameter for connection
For example:
$title = mysqli_real_escape_string($conn, $title)
This question already has answers here:
Warning: preg_replace(): Unknown modifier
(3 answers)
Closed 7 years ago.
I'm sure I'm just doing something stupid but I think I'm close. What I'm trying to do as add validation to my submission. With my current code regardless of what data I enter into the serial field it always comes up with Invalid Serial. Any suggestions?
<?php
$serial=$_POST['serial'];
$model=$_POST['model'];
$deviceCondition=$_POST['deviceCondition'];
$sealCondition=$_POST['sealCondition'];
$location=$_POST['location'];
$deployDate=$_POST['deployDate'];
$weight=$_POST['weight'];
$connectedTerminal=$_POST['connectedTerminal'];
$notes=$_POST['notes'];
//NEW PDO connection
$serialVal = "[a-zA-Z0-9-]+";
if ( preg_match( $serialVal, $serial ) ) {
try{
$conn = new PDO("mysql:host=$sql_server;dbname=$sql_db", $sql_user, $sql_pass);
$sql = "INSERT INTO web01dev4s2.ingenicoInfo (serial, model, deviceCondition, sealCondition, location, deployDate, weight, connectedTerminal, notes) VALUES ('".$serial."', '".$model."', '".$deviceCondition."', '".$sealCondition."', '".$location."', '".$deployDate."', '".$weight."', '".$connectedTerminal."', '".$notes."')";
$q = $conn->prepare($sql);
$result_1=($sql);
$q->execute();
}
catch (PDOException $pe) {
die("Could not connect to the database" . $pe->getMessage());
}
$count = $q->rowCount();
print("Saved $count record(s).\n");
header( "refresh:2;url=devicelist.php" );
}
else {
echo $serial . "Invalid serial number.";
}
?>
You forgot the delimiters "/"
if(preg_match("/[a-zA-Z0-9-]+/", $serial))
echo 'oui';
else
echo 'no';