I am trying to create an php script which can read and array list from android and read it's element and store it in data base, now I have been able to store the data in an text file but unable to proceed further, could some body help me out in this matter?
this is the php script which I have used:-
<?php
$i=0;
$password="";
$user="root";
$database="shadowpets";
$host="localhost";
$response=array();
$con=mysqli_connect($host,$user,$password,$database)or die("Unable to connect");
if($_SERVER["REQUEST_METHOD"]=="POST"){
if(isset($_POST['OrderSummary'])){
$data=$_POST['OrderSummary'];
$file='text.txt';
$result=file_put_contents($file,$data);
$response["success"]=1;
$response["message"]="done";
}else{
$response["success"]=0;
$response["message"]="parameters not correctly formatted";
}
echo json_encode($response);
}
?>
what changes I can do here, so I can read the data store it in the database?
First, you need to set up a database and a table in a database server (MySQL).
Then you can create an insert statement like below, bind its parameters and execute it.
if (!($statement = $con->prepare('INSERT INTO `your_table` (`OrderSummary`) VALUES (?)'))) {
die('Could not prepare statement: (' . $con->errno . ') ' . $con->error);
}
if (!$statement->bind_param('s', $_POST['OrderSummary'])) {
die('Could not bind parameter: (' . $statement->errno . ') ' . $statement->error);
}
if (!$statement->execute()) {
die('Could not execute statement: (' . $statement->errno . ') ' . $statement->error);
}
Related
I am using function based database connection and select query also plz help me.
FIRST CODE:
function connectDb(){
//my postgresql db connection
$link=pg_pconnect('host=' . __DB_HOST__ . ' port=' . __DB_PORT__ . ' dbname=' . __DB_NAME__ . ' user=' . __DB_USER__ . ' password=' . __DB_PWD__) or die('connection failed');
AllDelete();// Audit Logs Auto Deletion
}
SECOND CODE:
function AllDelete(){
$MysqlForLogs=pg_query("select audit.*,users.username from audit,users where audit.user_id=users.id and DATE_PART('day',now()-audit.date) > 7") or die(pg_last_error());
$CountRows=pg_num_rows($MysqlForLogs);
}
I am executing the browser it will show on error like 'No database selected' but really i am giving the database name.
What is the problem?
I have a simple html form and a php file to execute a database insertion. The problem I am having is that when I press the submit button, my database table receives 3 copies of the same submission and I only need one. Below is the code.
html:
<!DOCTYPE html>
<html>
<form action="demo.php" method="post">
<p>
Input 1: <input type="text" name="input1" />
<input type="submit" value="Submit" />
</p>
</form>
</html>
php:
<?php
define('DB_NAME', 'phpmyadminName');
define('DB_USER', 'phpmyadminUser');
define('DB_PASSWORD', '');
define('DB_HOST', 'localhost');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link){
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected){
die('Can\'t use ' . DB_NAME . ': ' . mysql_error());
}
$value = $_POST['input1'];
$sql = "INSERT INTO demo (input1) VALUES ('$values')";
if (!mysql_query($sql)){
die('Error: ' . mysql_error());
}
mysql_close();
?>
The DB_NAME, DB_USER, and DB_PASSWORD have all been changed for obvious reasons, but the code does work.
It just submits too many copies of the form data to the database table. Way back when I was in school, I had this issue, but it seemed like the problem was on the server's end and not our code. The server used here is mine and I do have full control over it. If the server is the issue at fault, I need help correcting that (as I am doing this to learn how to admin these tools, I do not know much more than basic level administration).
Kenneth, the code you have provided here honestly needs some work. First of all, please don't use the mysql API anymore. It's deprecated, will no longer be supported in future PHP versions, and is insecure. For all database operations use the mysqli or PDO API's, preferrably with prepared statements.
Secondly, do not ever INSERT $_POST or $_GET variables directly into the database without validating/sanitizing them first as someone could delete your data or even worse your whole database. PHP has numerous functions to make this very easy such as ctype depending on the data type.
Maybe try something like this in your code:
if (!empty($_POST['input1'])) { //checks if data was received//
$value = $_POST['input1'];
mysql_real_escape_string($value);
$sql = "INSERT INTO demo (input1) VALUES ('$value')";
} else {
echo "form was not received";
exit;
}
I also noticed that your variable names were different, which is corrected above.
EDIT :
Mistakenly used wrong syntax for PHP ctype function.
You are taking the POST input value in the variable named $value and in query you are sending $values
I have corrected the code.
Can you please try the below code
<?php
define('DB_NAME', 'phpmyadminName');
define('DB_USER', 'phpmyadminUser');
define('DB_PASSWORD', '');
define('DB_HOST', 'localhost');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link){
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected){
die('Can\'t use ' . DB_NAME . ': ' . mysql_error());
}
$value = $_POST['input1'];
if($value!=''){
$sql = "INSERT INTO demo (input1) VALUES ('".$value."')";
}
if (!mysql_query($sql)){
die('Error: ' . mysql_error());
}
mysql_close();
?>
Below is correct code for the issue. I have checked that when you refresh your page it will create new blank entry in database and also the variable name is wrong.
You have to check for the Request method. This
$_SERVER['REQUEST_METHOD'] === 'POST'
will check the form method and it will prevent the blank entries in database.
<?php
define('DB_NAME', 'test');
define('DB_USER', 'root');
define('DB_PASSWORD', 'mysqldba');
define('DB_HOST', 'localhost');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link){
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected){
die('Can\'t use ' . DB_NAME . ': ' . mysql_error());
}
//Test for request method
if($_SERVER['REQUEST_METHOD'] === 'POST') {
$value = $_POST['input1'];
$sql = "INSERT INTO demo (input1) VALUES ('$value')";
//echo $sql;die;
if (!mysql_query($sql)){
die('Error: ' . mysql_error());
}
}
mysql_close();
?>
I have been banging my head against a wall for hours now, reading several answers on SO, searching the 'net, trying to find a solution. While I realize similar questions have been asked and answered here, my code is different so I can't extrapolate from previous answers what's wrong with mine.
I'm new to PHP/MySQL. I have a poll script that I patched together using some code I found online and my own knowledge; the MySQL is mine, standard stuff. Each time a person votes for one of two things, its corresponding value in the database in increased by one. I'm trying to retrieve and assign each value to its own variable and perform a calculation. I can retrieve the first one just fine, but I get the dreaded
Trying to get property of non-object in..." error and
"Fatal error: Call to a member function bind_param() on a non-object in...
for the second one. It's exactly the same as the first prepare, so I'm not sure what's wrong? This may not be the most efficient way to do this, but like I said, I'm new to this. I DO understand what the error is trying to convey; I just don't understand why I'm getting the error when the prepare statement is identical to the one before it except for the id in the WHERE clause. var_dump($query2) returns bool(false), so I can clearly see nothing is there. But there IS something in the database.
<?php
// Turn on error reporting
ini_set('display_errors', 'On');
// Connect to database
$mysqli = mysqli_connect('localhost', 'dbuser', 'dbpwd', 'dbname');
// Check connection
if (!$mysqli || $mysqli->connect_errno)
{
echo "Connection error: " . $mysqli->connect_errno . " " . $mysqli->connect_error;
exit();
} else if (isset($action)) // This is set through a page redirect
{
// DISPLAY ITEM - THIS WORKS FINE
if (!($query = $mysqli->prepare("SELECT votes FROM influential WHERE id = 1")))
{
echo "Prepare failed: " . $query->errno . " " . $query->error;
}
if (!$query->execute()){
echo "Execute failed: " . $mysqli->connect_errno . " " . $mysqli->connect_error;
}
if (!$query->bind_result($infl1))
{
echo "Bind failed: " . $mysqli->connect_errno . " " . $mysqli->connect_error;
}
if ($query->fetch())
{
echo $infl1;
}
// DISPLAY ITEM - THIS DOESN'T WORK
if (!($query2 = $mysqli->prepare("SELECT votes FROM influential WHERE id = 2")))
{
echo "Prepare failed: " . $query2->errno . " " . $query2->error;
} else echo "Prepare succeeded.";
$query2->bind_param("i", $votes);
if (!$query2->execute()){
echo "Execute failed: " . $mysqli->connect_errno . " " . $mysqli->connect_error;
} else echo "Execute succeeded.";
if (!$query2->bind_result($infl2))
{
echo "Bind failed: " . $mysqli->connect_errno . " " . $mysqli->connect_error;
} else echo "Bind succeeded.";
if ($query2->fetch())
{
echo $infl2;
}
exit();
$mysqli->close();
}
?>
In mysqli, when you issue the command:
.bind_param()
you are binding parameters to placeholders in the original query, not in the result. Your select query should read:
SELECT `votes` FROM `influential` WHERE `id`=?;
Then, you use bind_param to bind an integer to the placeholder, thusly:
.bind_param('i', $id);
After calling .execute(), the result is bound using references by calling .bind_result(). Whatever variable you pass into .bind_result() will contain the data afterwards.
Cheers
Hey i am using Mamp on imac and my problem is that when i hit the submit button (on a post form) to enter the data then nothing shows up and the database remains empty.
Here is my code :
<?php
define('DB_NAME', 'demob');
define('DB_USER','brom');
define('DB_PASSWORD','****');
Define('DB_HOST','localhost');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link){
die('Could not connect : ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected){
die('cant use' . DB.NAME . ' : ' .mysql_error());
}
$value = $_POST['input1'];
$sql = "INSER INTO memberss ('input1') VALUES ('$value')";
mysql_close();
?>
You are not executing a query.
$sql = "INSER INTO memberss ('input1') VALUES ('$value')";
mysql_query($sql);
You should know that, the method you are using to connect to mysql is deprecated now. please read up about PDO or mysqli
I just referenced this answer and what I preferred was very first solution, now the issue is he has given an information for mysql_() but am using mysqli_(), so using 4th parameter as true, I select the database when user logs in, the moment he logs in he gets redirected to respective page but it is showing that connection was actively refused. any Idea how I can use 2 database, 1 is my default engine database which I need to keep it on for running my framework and second database to run respective scripts according to the user logged in...
What am trying is this
<?php
$database_connect = mysqli_connect('localhost', 'root', '', 'engine');
if(!$database_connect) {
die ('Connect Error (' . mysqli_connect_errno() . ') '. mysqli_connect_error());
}
if(isset($_SESSION['system_id'])) {
$system_database = mysqli_connect('localhost', 'root', '', $_SESSION['system_name'], true);
if(!$system_database) {
die ('Connect Error (' . mysqli_connect_errno() . ') '. mysqli_connect_error());
}
}
?>
P.S I want a procedural way
You don't need any extra parameters, simply do it like this
<?php
$database_connect = mysqli_connect('localhost', 'root', '', 'engine');
if(!$database_connect) {
die ('Connect Error (' . mysqli_connect_errno() . ') '. mysqli_connect_error());
}
if(isset($_SESSION['system_id'])) {
$system_database = mysqli_connect('localhost', 'root', '', $_SESSION['system_name']);
if(!$system_database) {
die ('Connect Error (' . mysqli_connect_errno() . ') '. mysqli_connect_error());
}
}
//Now whatever query you write, just do it like this
$access = mysqli_query($database_connection_var, "/*Query Goes Here*/"); //Will get database name from $database_connection_var
$access2 = mysqli_query($database_connection_var2, "/*Query Goes Here*/"); //Will get database name from $database_connection_var2
?>