I created a page where I can edit user information. I am only performing a prepared statement off of one db table called 'users' and in the users db table I have a column called group where I can assign users different permission levels. I am outputting the current data for the user I selected onto this page, so if a user has a group level of 1, in the option field it will show 1. I then have 4 other options which I list the other values at 2, 3, 4, and 5. Whenever I try to submit the form I am getting an exception error from my user class "There was a problem updating!". There update function is below where the exception error is...
public function update($fields = array(), $id = null) {
if(!$id && $this->isLoggedIn()) {
$id = $this->data()->id;
}
if(!$this->_db->update('users', $id, $fields)) {
throw new Exception('There was a problem updating!');
}
}
I believe my prepared statement and form is sound other than possibly the group option area. I want the current group number to be displayed in the option box and if I do not need to update it, I want to be able to click submit and not have any issues and I want to be able to update the group integer.
This is the part I am not sure if it is correct or enabling me to do this..
<div class="field">
<label for="group">Group</label>
<select name="group" required>
<option value=''><?php echo htmlentities($group); ?></option>
<option value="1">Bench</option>
<option value="2">Spectator</option>
<option value="3">Team Member</option>
<option value="4">Commissioner</option>
<option value="5">Creator</option>
</select>
</div>
Here is my prepared statement and form...
<?php
$con = mysqli_connect("localhost","root","","db");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$stmt = $con->prepare("SELECT firstname, lastname, email, username, `group` FROM users WHERE id = ?");
if ( false===$stmt ) {
// Check Errors for prepare
die('prepare() failed: ' . htmlspecialchars($con->error));
}
$stmt->bind_param("i", $_GET['id']);
if ( false===$stmt ) {
// Check errors for binding parameters
die('bind_param() failed: ' . htmlspecialchars($stmt->error));
}
$stmt->execute();
if ( false===$stmt ) {
die('execute() failed: ' . htmlspecialchars($stmt->error));
}
//Check errors for execute
//if(!$stmt->execute()){trigger_error("there was an error....".$con->error, E_USER_WARNING);}
$stmt->bind_result($firstname, $lastname, $email, $username, $group);
$stmt->store_result();
if ($stmt->fetch()) { ?>
<form action="" method="post">
<div class="field">
<label for="firstname">First Name</label>
<input type="text" name="firstname" class="inputbar" value="<?php echo htmlentities($firstname); ?>" required>
</div>
<div class="field">
<label for="lastname">Last Name</label>
<input type="text" name="lastname" class="inputbar" value="<?php echo htmlentities($lastname); ?>" required>
</div>
<div class="field">
<label for="email">Email</label>
<input type="email" class="inputbaremail" name="email" value="<?php echo htmlentities($email); ?>" required>
</div>
<div class="field">
<label for="username">Username</label>
<input type="text" class="inputbar" name="username" value="<?php echo htmlentities($username); ?>" required>
</div>
<div class="field">
<label for="group">Group</label>
<select name="group" required>
<option value=''><?php echo htmlentities($group); ?></option>
<option value="1">Bench</option>
<option value="2">Spectator</option>
<option value="3">Team Member</option>
<option value="4">Commissioner</option>
<option value="5">Creator</option>
<!--<input type="text" class="inputbar" name="group" value="<?php //echo htmlentities($group); ?>" required>-->
</select>
</div>
<input type="hidden" name="token" value="<?php echo Token::generate(); ?>">
<label for="signinButton">
<input type="submit" id="signinButton" value="Update">
</label>
</form>
<?php } else { ?>
User <?php echo htmlentities($_GET['id']); ?> not found.
<?
} ?>
Does anyone see anything that would be preventing this to go through?
UPDATE:
public function update($fields = array(), $id = null) {
if(!$id && $this->isLoggedIn()) {
$id = $this->data()->id;
}
echo $this->_db->update('users', $id, $fields);
}
//if(!$this->_db->update('users', $id, $fields)) {
//throw new Exception('There was a problem updating!');
//}
//if(!$this->_db->update('users', $id, $fields)) {
// throw new Exception('There was a problem updating!')->getMessage();
//}
//}
NEW CODE WITH INSERT PREPARED STATEMENT ADDED. STILL NOT SENDING
if(isset($_POST['submit'])){
$firstname = Input::get('firstname');
$lastname = Input::get('lastname');
$email = Input::get('email');
$username = Input::get('username');
$group = 1;
$con = mysqli_connect("localhost","root","","db");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$stmt2 = $con->prepare("INSERT INTO users (firstname, lastname, email, username, `group`) VALUES (?, ?, ?, ?, ?");
if ( false===$stmt2 ) {
// Check Errors for prepare
die('User Request prepare() failed: ' . htmlspecialchars($con->error));
}
$stmt2->bind_param('sssssi', $firstname, $lastname, $email, $username, $group);
if ( false===$stmt2 ) {
// Check errors for binding parameters
die('User Request bind_param() failed: ' . htmlspecialchars($stmt2->error));
}
$stmt2->execute();
if ( false===$stmt2 ) {
die('User Request execute() failed: ' . htmlspecialchars($stmt2->error));
}
}
//Prepared statement that gets user info
$con = mysqli_connect("localhost","root","","db");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$stmt = $con->prepare("SELECT firstname, lastname, email, username, `group` FROM users WHERE id = ?");
if ( false===$stmt ) {
// Check Errors for prepare
die('prepare() failed: ' . htmlspecialchars($con->error));
}
$stmt->bind_param("i", $_GET['id']);
if ( false===$stmt ) {
// Check errors for binding parameters
die('bind_param() failed: ' . htmlspecialchars($stmt->error));
}
$stmt->execute();
if ( false===$stmt ) {
die('execute() failed: ' . htmlspecialchars($stmt->error));
}
//Check errors for execute
//if(!$stmt->execute()){trigger_error("there was an error....".$con->error, E_USER_WARNING);}
$stmt->bind_result($firstname, $lastname, $email, $username, $group);
$stmt->store_result();
if ($stmt->fetch()) { ?>
Trying to use try/catch...
public function update($fields = array(), $id = null) {
if(!$id && $this->isLoggedIn()) {
$id = $this->data()->id;
}
//echo $this->_db->update('users', $id, $fields);
//if(!$this->_db->update('users', $id, $fields)) {
//throw new Exception('There was a problem updating!');
//}
try {
if(!$this->_db->update('users', $id, $fields)) {
throw new Exception('There was a problem updating!');
}
}
catch(Exception $e) {
echo "An error occurred";
throw $e;
}
finally {
//This overrides the exception as if it were never thrown
return "\nException erased";
}
try {
echo asdf();
}
catch(Exception $e) {
echo "\nResult: " . $e->getMessage();
}
I get this error..
An error occurred
Warning: Cannot modify header information - headers already sent by (output started at /home4/db/public_html/example.com/classes/User.php:46) in /home4/db/public_html/example.com/classes/Redirect.php on line 14
Line 45 of my user class is this..
echo "An error occurred";
Related
I am trying to insert into my table (courses) in my sql database. But when I run my code (by clicking submit) I get this error:
I am no longer getting an error, I get the message:
New course created successfully
But when I check the database, the course has not been added
This is my code:
<?php
if (isset($_POST['submit'])) {
try {
require "../config.php";
require "../common.php";
$connection = new PDO($dsn, $username, $password);
$connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "INSERT INTO course (courseName, cDescription, programID, programYear, credit)
VALUES (:courseName, :cDescription, :programID, :programYear, :credit)";
$courseName = $_POST['courseName'];
$cDescription = $_POST['cDescription'];
$programID = $_POST['programID'];
$programYear = $_POST['programYear'];
$credit = $_POST['credit'];
$statement = $connection->prepare($sql);
$statement->bindParam(':courseName', $courseName, PDO::PARAM_STR);
$statement->bindParam(':cDescription', $cDescription, PDO::PARAM_STR);
$statement->bindParam(':programID', $programID, PDO::PARAM_STR);
$statement->bindParam(':programYear', $programYear, PDO::PARAM_STR);
$statement->bindParam(':credit', $credit, PDO::PARAM_STR);
$connection->exec($statement);
echo "New course created successfully";
} catch(PDOException $error) {
echo $statement. "<br>" . $error->getMessage();
}
}
?>
<?php include "templates/header.php"; ?>
<h2>Add a course</h2>
<form method="post">
<label for="courseName">Course Name:</label>
<input type="text" name="courseName" id="courseName" required>
<label for="cDescription">Course Description:</label>
<input type="text" name="cDescription" id="cDescription" size="40" required>
<label for="programID">Program ID:</label>
<input type="number" name="programID" id="programID" required>
<label for="programYear">Program Year:</label>
<input type="number" name="programYear" id="programYear" required>
<label for="credit">credit:</label>
<input type="number" name="credit" id="credit" required>
<input type="submit" name="submit" value="Submit">
</form>
Back to home
<?php include "templates/footer.php"; ?>
To try and see what was wrong, I tried simplifying this to, which works
<?php
if (isset($_POST['submit'])) {
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "courseselector";
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "INSERT INTO course (courseName, cDescription, programID, programYear, credit)
VALUES ('courseName', 'cDescription', 1, 4, 1)";
// use exec() because no results are returned
$conn->exec($sql);
echo "New record created successfully";
}
catch(PDOException $e)
{
echo $sql . "<br>" . $e->getMessage();
}
$conn = null;
}
?>
<?php include "templates/header.php"; ?>
<h2>Add a course</h2>
<form method="post">
<input type="submit" name="submit" value="Submit">
</form>
Back to home
<?php include "templates/footer.php"; ?>
I was missing
$statement->execute();
Above
$connection->exec($statement);
I have a form on a website I'm working on which needs to submit information to a MySQL database. I'm primarily a web designer, and PHP is somewhat new to me. I've written this PHP code as the action for my HTML form, which is below:
<?php
//only process if $_POST isn't empty
if ( ! empty( $_POST ) ){
//connect to mysql
$mysqli = new mysqli( 'localhost', 'user', 'pass', 'dbname' );
//check connection
if ( $mysqli->connect_error ) {
die( 'Connect Error: ' . $mysqli->connect_errno . ': ' . $mysqli->connect_error );
}
//insert data
$sql = ("
INSERT INTO `table` (`ID`, `u_fname`, `u_lname`, `u_email`)
VALUES (NULL, '{$mysqli->real_escape_string($_POST['u_fname'])}', '{$mysqli->real_escape_string($_POST['u_lname'])}', {$mysqli->real_escape_string($_POST['u_email'])}')");
$insert = $mysqli->query($sql);
//print response from sql
if ( $insert ) {
echo "Success! Row ID: {$mysqli->insert_id}";
}
else {
die("Error: {$mysqli->errno} : {$mysqli->error}");
}
//close connection
$mysqli->close();
}
?>
The relevant HTML form is here:
<div class="form-container">
<form action="signupform.php" method="post" class="isubmit" name="signup" onsubmit="swal({
type: 'success',
title: 'Thanks!',
showConfirmButton: false,
timer: 1500
})">
<input required type="text" name="u_fname" class="first-name" placeholder="First Name">
<input required type="text" name="u_lname" class="last-name" placeholder="Last Name">
<input required type="text" name="u_email" class="email" placeholder="Email">
<button class="isubmit submit-text" type="submit">submit</button>
</form>
</div>
The HTML and PHP files are separate but in the same directory. I'm aware the PHP needs to be made more secure to avoid injection, but that is not my issue. The issue is that when the submit button is pressed, the PHP does not send the entries to my database. The database remains unchanged, and what I need is for the information from the form fields to populate the database table when the user hits the submit button on the HTML form. Any help with my code or suggestions of a better method would be greatly appreciated.
Remove the mysqli_real_escape_string from your string in your query and set a variable to equal your post value. Your 'id' also needs to be removed from the insert as the ID in your database should be an auto increment. Added in an error validation and prepared statement to help prevent sql injection.
//insert data
<?php
if(!empty($_POST)) {
if(isset($_POST['submit'])){
//connect to mysql
$mysqli = mysqli_connect( 'localhost', 'user', 'pass', 'dbname' );
//check connection
if (!$mysqli) {
die( 'Connect Error: ' . mysqli_error());
}
$u_fname = mysqli_real_escape_string($mysqli, $_POST['u_fname']);
$u_lname = mysqli_real_escape_string($mysqli, $_POST['u_lname']);
$u_email = mysqli_real_escape_string($mysqli, $_POST['u_email']);
//VALIDATION ARRAY
$error = [
"u_fname"=> '',
"u_lname"=> '',
"u_email"=> ''
];
if($u_fname == '') {
$error['u_fname'] = "Please Enter Your First Name";
}
if($u_lname == '') {
$error['u_fname'] = "Please Enter Your Last Name";
}
if($u_email == '') {
$error['u_fname'] = "Please Enter Your Email";
}
else {
//IF NO ERRORS INSERT DATA
$stmt = mysqli_prepare($mysqli, "INSERT INTO `table` (`u_fname`, `u_lname`, `u_email`) VALUES (?, ?, ?)");
mysqli_stmt_bind_param($stmt, 'sss', $u_fname, $u_lname, $u_email);
mysqli_stmt_execute($stmt);
//print response from sql
if ($stmt ) {
echo "Success!";
}
else {
die("Error" . mysqli_error());
}
//close connection
mysqli_close($mysqli);
}
}
}
?>
And for the Form
<div class="form-container">
<form action="signupform.php" method="post" class="isubmit" name="signup">
<input required type="text" name="u_fname" class="first-name" placeholder="First Name">
<span><?php echo isset($error['u_fname']) ? $error['u_fname'] : ''?></span>
<input required type="text" name="u_lname" class="last-name" placeholder="Last Name">
<span><?php echo isset($error['u_lname']) ? $error['u_lname'] : ''?></span>
<input required type="text" name="u_email" class="email" placeholder="Email">
<span><?php echo isset($error['u_email']) ? $error['u_email'] : ''?></span>
<button class="isubmit submit-text" type="submit" name="submit">submit</button>
</form>
</div>
I've created a HTML form that inserts user data into a database using MySQL and PHP.
HTML form:
<form action="index.php" method="POST" >
<div class="container">
<label for="username"><b>Username</b></label>
<input type="text" placeholder="Enter Username" id="username" name="username" required>
<label for="psw"><b>Password</b></label>
<input type="password" placeholder="Enter Password" id="psw" name="psw" required>
<label for="email"><b>Email address</b></label>
<input type="text" placeholder="Email address" id="email" name="email" required>
<input type="submit" value="Submit" name="Submit">
</div>
</form>
index.php:
// Create connection
$dbc = #mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME)
OR die('Could not connect to MySQL: ' .mysqli_connect_error());
if(isset($_POST['Submit'])) {
$USER = (isset($_POST['username']) ? $_POST['username'] : null);
$PASSWORD = (isset($_POST['psw']) ? $_POST['psw'] : null);
$EMAIL = (isset($_POST['email']) ? $_POST['email'] : null);
$stmt = $dbc->prepare("INSERT INTO webapp_db.users (username, password, email) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $USER, $PASSWORD, $EMAIL);
$stmt->execute();
echo "New records created successfully";
} else{
die('Error: '.mysqli_error($dbc));
}
$stmt->close();
$dbc->close();
And I don't get any errors. It says: "New records created successfully" but nothing has been created
Any idea where the problem is? Thank you in advance
Try wrapping the checks into isset() statements like so:
// Create connection
$dbc = #mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) OR die('Could not connect to MySQL: ' .mysqli_connect_error());
if(isset($_POST['Submit'])) {
$USER = (isset($_POST['username']) ? $_POST['username'] : null);
$PASSWORD = (isset($_POST['psw']) ? $_POST['psw'] : null);
$EMAIL = (isset($_POST['email']) ? $_POST['email'] : null);
$stmt = $dbc->prepare("INSERT INTO webapp_db.users (username, password, email) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $USER, $PASSWORD, $EMAIL);
$stmt->execute();
echo "New records created successfully";
} else{
die('Error: '.mysqli_error($dbc));
}
$stmt->close();
$dbc->close();
Ok, remember that execute function returns a boolean. Try to check if the query were executed with success or not:
$executed = $stmt->execute();
if ($executed == true) { // or just "if ($executed) {" if you prefer
echo "New records created successfully";
} else {
echo "Oops! Something went wrong";
}
But if you need something more precise, ... try with errorInfo function, that returns an array.
if ($executed == 1) {
echo "New records created successfully";
} else {
print_r($stmt->errorInfo());
}
I have a form (add_company_form.php) in my submit_form_company.php that takes the values from POST and sends them to mysql trough a pdo connection. But I cant get my validation.php to validate the input. I want the user to stay on the same page which is why I dont have a action in the form. The code itself is not complete and there is alot of improvements that can be done, but Im stuck on the validation for now.. Am I on the right track by adding the validation.php before like my db.php?
Submit_form_company.php
<?php
if ($_SERVER['REQUEST_METHOD'] == "POST") {
try {
include('db.php');
include('validation.php');
if(empty($_SESSION["error_message"]) && $_POST['submit_company']) {
$STH = $conn->prepare("
INSERT INTO companies (Name,Notes,OrganizationNumber)
VALUES (:Name,:Notes,:OrganizationNumber)");
$STH->bindParam(':Name', $_POST['Name'], PDO::PARAM_STR);
$STH->bindParam(':Notes', $_POST['Notes'], PDO::PARAM_STR);
$STH->bindParam(':OrganizationNumber', $_POST['OrganizationNumber'], PDO::PARAM_INT);
$STH->execute();
} elseif ($_SESSION["error_message"] && $_POST['submit_edit']) {
foreach ($_POST['company'] as $i => $value) {
$STH = $conn->prepare("
UPDATE companies
SET Name = :Name,Notes = :Notes,OrganizationNumber = :OrganizationNumber
WHERE Id = :Id");
$STH->bindParam(':Id', $value['Id'], PDO::PARAM_INT);
$STH->bindParam(':Name', $value['Name'], PDO::PARAM_STR);
$STH->bindParam(':Notes', $value['Notes'], PDO::PARAM_STR);
$STH->bindParam(':OrganizationNumber', $value['OrganizationNumber'], PDO::PARAM_INT);
$STH->execute();
}
}
if(empty($_SESSION["error_message"])){
echo "<meta http-equiv='refresh' content='0'>";
}
}
catch (PDOException $e) {
echo $e->getMessage();
}
}
require("add_company_form.php");
$DBH = null;
?>
add_company_form.php
<div class="row">
<form class="col-md-4 navbar-form" method="POST" action="" enctype="multipart/form-data">
<div class="form-group">
<label class="sr-only" for="Name">Name:</label> <input type="text" class="form-control" name="Name" placeholder="Name"><br />
<label class="sr-only" for="Notes">Notes:</label> <input type="text" class="form-control" name="Notes" placeholder="Notes"><br />
<label class="sr-only" for="OrganizationNumber">OrganizationNumber:</label> <input type="text" class="form-control" name="OrganizationNumber" placeholder="OrganizationNumber"><br />
<input type="submit" name="submit_company" class="btn btn-default" value="Submit">
</div>
</form>
<?php
if(!empty($_SESSION["error_message"])){
echo'<div id="error_message" class="col-md-8">';
print_alert_error($_SESSION["error_message"]);
$_SESSION["error_message"] = "";
echo'</div>';
} ?>-
Validation.php
<?
$error = "";
if(isset($_POST['submit_company'])) {
$name = $_POST['Name'];
$notes = $_POST['Notes'];
$organization_number = $_POST['OrganizationNumber'];
if (!ctype_alpha(str_replace(array("'", "-"), "",$name))) {
$error .= '<p class="error">Name should be alpha characters only.</p>';
}
}
//Add error message to session
if (!empty($error)){
$_SESSION["error_message"] = $error;
}
?>
DB.php
<?php
$servername = "127.0.0.1";
$username = "root";
$password = "";
$dbname = "test";
$conn = new PDO("mysql:host=$servername;dbname=$dbname;charset=utf8", $username, $password,array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'"));
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
?>
A silly suggestion but try using the full <?php opening tag in your validation.php file.
i have been staring at this page for half an hour trying to figure out where i am going wrong. The first two variables are found and inserted into database, however the last two, 'email' and 'password' are not found, not inserted into database but still however pass the if statement. Any help will be much appreciated.
Form.php
<form name="signup" method="POST" action="signup.php">
<label for="signupFirstName">First Name</label>
<input type="text" id="signupFirstName" name="signupFirstName" />
<label for="signupLastName">Last Name</label>
<input type="text" id="signupLastName" name="signupLastName"/>
<label for="signupEmail">Email</label>
<input type="text" id="signupEmail" name="signupEmail" />
<label for="signupConfirmEmail">Confirm Email</label>
<input type="text" id="signupConfirmEmail" name="signupConfirmEmail"/>
<label for="signupPassword">Password</label>
<input type="text" id="signupPassword" name="signupPassword"/>
<label for="signupConfirmPassword">Confirm Password</label>
<input type="text" id="signupConfirmPassword" name="signupConfirmPassword"/>
<button name="submit" type="submit" >Submit Form</button>
</form>
signup.php
<?php
if (isset($_POST['signupFirstName']) || isset($_POST['signupLastName']) || isset($_POST['signupEmail']) || isset($_POST['signupPassword']) ) {
echo $_POST['signupEmail'];
$mysqli = new mysqli('localhost', 'user1', 'password', 'db2');
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$stmt = $mysqli->prepare("INSERT INTO members (First_Name, Last_Name, Email, Password) VALUES (?,?,?,?)");
$stmt->bind_param('ssss',$sample,$lastName,$email,$password);
// escape the POST data for added protection
$sample = isset($_POST['signupFirstName'])
? $mysqli->real_escape_string($_POST['signupFirstName'])
: '';
$lastName = isset($_POST['signupLastName'])
? $mysqli->real_escape_string($_POST['signupLastName'])
: '';
$email = isset($_POST['signupEmail'])
? $mysqli->real_escape_string($_POST['signupEmail'])
: '';
$password = isset($_POST['signupPassword'])
? $mysqli->real_escape_string($_POST['signupPassword'])
: '';
/* execute prepared statement */
$stmt->execute();
printf("%d Row inserted.\n", $stmt->affected_rows);
/* close statement and connection */
$stmt->close();
/* close connection */
$mysqli->close();
}
else{
echo "broken";
}
?>
You seem to be binding the params to your query before you actually set the variables. Move the bind_param() call above the execute() call.
You can also refactor your code to take out a lot of the junk. Example below:
<?php
function arr_get($array, $key) {
if (isset($array[$key])) {
return $array[$key];
}
return '';
}
if (isset($_POST['signupFirstName']) || isset($_POST['signupLastName']) || isset($_POST['signupEmail']) || isset($_POST['signupPassword']) ) {
echo $_POST['signupEmail'];
$mysqli = new mysqli('localhost', 'user1', 'password', 'db2');
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$stmt = $mysqli->prepare("INSERT INTO members (First_Name, Last_Name, Email, Password) VALUES (?,?,?,?)");
$stmt->bind_param('ssss', arr_get($_POST, 'signupFirstName'), arr_get($_POST, 'signupLastName'), arr_get($_POST, 'signupEmail'), arr_get($_POST, 'signupPassword'));
/* execute prepared statement */
$stmt->execute();
printf("%d Row inserted.\n", $stmt->affected_rows);
/* close statement and connection */
$stmt->close();
/* close connection */
$mysqli->close();
}
else {
echo "broken";
}
?>