I already know that if you want to connect to a database using MySQL you have to provide the correct URL, username, password that is the normal thing here is my code:
<?php
$mysql_id = mysql_connect('localhost', 'root', '');
mysql_select_db('Booklet', $mysql_id);
if(!$mysql_id)
{
echo"cannot connect to database ";
}
?>
This code runs well, however if I messed with the username which is root it still connects here is the code:
<?php
$mysql_id = mysql_connect('localhost', 'rot', '');
mysql_select_db('Booklet', $mysql_id);
if(!$mysql_id)
{
echo"cannot connect to database ";
}
?>
Can anyone explain to me why is this happening?
As of PHP 5.5.0 mysql_* functions are deprecated and you should not code with thoses. Think of thoses function as a crawling zombie, you don't go and kiss it, do you ?
You should use MySQLi or PDO for doing operations on database. Please don't bother with mysql_* anymore, you dont want that. It's like asking to code on Windows Milenium, hell, even booting this thing is a nightmare.
Anyway, to answer the question you should write :
$mysql_id = mysql_connect('localhost', 'rot', '') or die(mysql_error());
Or better, you should look at the doc of MySqli and be free of thoses shackles. Think about that, please.
You never bothered checking for failure. Your code simply assumes success and blunders onwards.
$mysql_id = mysql_connect('localhost', 'rot', '') or die(mysql_error());
^^^^^^^^^^^^^^^^^^^^^^
mysql_select_db('Booklet', $mysql_id) or die(mysql_error());
All of the mysql_*() function return boolean false on failure. You need to check for that false. Never ever assume a DB operation succeeded. Always assume failure, check for that failure, and treat success as a pleasant surprise.
This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should be used.
try to debug your code by adding mysql_error() like this
$mysql_id = mysql_connect('localhost', 'rot', '');
mysql_select_db('Booklet', $mysql_id);
echo " debug return: " . mysql_error();
or simply update your code if you have a newest version of php > 5.5.0
$mysql_id = mysqli_connect("myhost","myuser","mypassw","mybd") or die("Error " . mysqli_error($link));
Using the new MySQLi functions, you would get a false back on trying to connect, also you can pass you database as fourth parameter. So your code could look like this:
<?php
if($mysql_id = mysqli_connect('localhost', 'root', '', 'Booklet'))
{
/* do something like mysqli_query($mysql_id, ... */
}
else
{
echo"cannot connect to database ";
}
?>
Related
I am trying to do a simple connection with XAMPP and MySQL server, but whenever I try to enter data or connect to the database, I get this error.
Fatal error: Uncaught Error: Call to undefined function mysql_connect() in C:\xampp\htdocs\register.php:22
Stack trace: #0 {main} thrown in C:\xampp\htdocs\register.php on line 22
Example of line 22:
$link = mysql_connect($mysql_hostname , $mysql_username);
mysql_* functions have been removed in PHP 7.
You probably have PHP 7 in XAMPP. You now have two alternatives: MySQLi and PDO.
You can use mysqli_connect($mysql_hostname , $mysql_username) instead of mysql_connect($mysql_hostname , $mysql_username).
mysql_* functions were removed as of PHP 7. You now have two alternatives: MySQLi and PDO.
It is recommended to use either the MySQLi or PDO extensions. It is not recommended to use the old mysql extension for new development, as it was deprecated in PHP 5.5.0 and was removed in PHP 7.
PHP offers three different APIs to connect to MySQL. Below we show the APIs provided by the mysql, mysqli, and PDO extensions. Each code snippet creates a connection to a MySQL server running on "example.com" using the username "username" and the password "password". And a query is run to greet the user.
Example #1 Comparing the three MySQL APIs
<?php
// mysqli
$mysqli = new mysqli("example.com", "username", "password", "database");
$result = $mysqli->query("SELECT 'Hello, dear MySQL user!' AS _message FROM DUAL");
$row = $result->fetch_assoc();
echo htmlentities($row['_message']);
// PDO
$pdo = new PDO('mysql:host=example.com;dbname=database', 'username', 'password');
$statement = $pdo->query("SELECT 'Hello, dear MySQL user!' AS _message FROM DUAL");
$row = $statement->fetch(PDO::FETCH_ASSOC);
echo htmlentities($row['_message']);
// mysql
$c = mysql_connect("example.com", "username", "password");
mysql_select_db("database");
$result = mysql_query("SELECT 'Hello, dear MySQL user!' AS _message FROM DUAL");
$row = mysql_fetch_assoc($result);
echo htmlentities($row['_message']);
?>
I suggest you try out both MySQLi and PDO and find out what API design you prefer.
Read Choosing an API and Why shouldn't I use mysql_* functions in PHP?
As other answers suggest... Some guy (for whatever reason) decided that your old code should not work when you upgrade your PHP, because he knows better than you and don't care about what your code does or how simple it is for you to upgrade.
Well, if you can't upgrade your project overnight you can
downgrade your version of PHP to whatever version that worked
or...
use a shim (kind of polyfill) such as https://github.com/dshafik/php7-mysql-shim or https://github.com/dotpointer/mysql-shim, and then find a place for include_once("choice_shim.php"); somewhere in your code
That will keep your old PHP code up and running until you are in a mood to update...
mysql_* functions have been removed in PHP 7.
You now have two alternatives: MySQLi and PDO.
The following is a before (-) and after (+) comparison of a migration to the MySQLi alternative, taken straight out of working code:
-if (!$dbLink = mysql_connect($dbHost, $dbUser, $dbPass))
+if (!$dbLink = mysqli_connect($dbHost, $dbUser, $dbPass))
-if (!mysql_select_db($dbName, $dbLink))
+if (!mysqli_select_db($dbLink, $dbName))
-if (!$result = mysql_query($query, $dbLink)) {
+if (!$result = mysqli_query($dbLink, $query)) {
-if (mysql_num_rows($result) > 0) {
+if (mysqli_num_rows($result) > 0) {
-while ($row = mysql_fetch_array( $result, MYSQL_ASSOC )) {
+while ($row = mysqli_fetch_array( $result, MYSQLI_ASSOC )) {
-mysql_close($dbLink);
+mysqli_close($dbLink);
mysql_ functions have been removed from PHP 7. You can now use MySQLi or PDO.
MySQLi example:
mysqli_connect($mysql_hostname, $mysql_username, $mysql_password, $mysql_dbname);
mysqli_connect reference link
Make sure you have not committed a typo as in my case
msyql_fetch_assoc should be mysql
For mysqli you can use :
$db = ADONewConnection('mysqli');
...
...
$db->execute("set names 'utf8'");
in case of a similar issue when I'm creating dockerfile I faced the same scenario:-
I used below changed in mysql_connect function as:-
if($CONN = #mysqli_connect($DBHOST, $DBUSER, $DBPASS)){
//mysql_query("SET CHARACTER SET 'gbk'", $CONN);
So here's the problem, the script I purchase is written on PHP 5.x, and I'm using xampp with PHP7.x installed for development. Now I want to migrate my script to PHP7.x. Now I know this was asked a million times already but do you mind if you could take a look at my code and give your thoughts about it, or simply share your knowledge. I would deeply appreciate it.
Here is the code for my config.php
<?php
// mySQL information
$server = 'localhost'; // MySql server
$username = 'admin'; // MySql Username
$password = 'admin' ; // MySql Password
$database = 'arcade'; // MySql Database
// The following should not be edited
error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);
$con = mysql_connect($server, $username, $password);
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db($database, $con);
// Get settings
if (!isset($install)) {
$sql = mysql_query("SELECT * FROM ava_settings");
while ($get_setting = mysql_fetch_array($sql)) {
$setting[$get_setting['name']] = $get_setting['value'];
}
}
?>
The deprecated functions are:
mysql_connect()
mysql_error()
mysql_fetch_array()
mysql_query()
mysql_select_db()
Now, I don't want to use the PDO approach, I want to use mysqli instead. Am I suppose to just replace the mysql_* into mysqli_*? So it will become like these? I don't want to hide/surpress the deprecate warnings.
mysqli_connect()
mysqli_error()
mysqli_fetch_array()
mysqli_query()
mysqli_select_db()
I just offer you that migrate to PDO driver. Because every update you may see a lot of deprecation errors.
But if you can not do it the first thing to do would probably be to replace every mysql_* function call with its equivalent mysqli_*, at least if you are willing to use the procedural API -- which would be the easier way, considering you already have some code based on the MySQL API, which is a procedural one.
Note that, for some functions, you may need to check the parameters carefully: Maybe there are some differences here and there -- but not that many, I'd say: both mysql and mysqli are based on the same library (libmysql ; at least for PHP <= 5.2)
Look at difference between mysqli and mysql:
$mysqli = mysqli_connect("example.com", "user", "password", "database");
$res = mysqli_query($mysqli, "SELECT ...");
$row = mysqli_fetch_assoc($res);
echo $row['_msg'];
$mysql = mysql_connect("example.com", "user", "password");
mysql_select_db("test");
$res = mysql_query("SELECT ...", $mysql);
$row = mysql_fetch_assoc($res);
echo $row['_msg'];
I already have my database named als and I still got the error.
<?php
$mysql_host='localhost';
$mysql_user='root';
$mysql_password='';
$mysql_db='als';
$con = #mysql_connect($mysql_host,$mysql_user,$mysql_password) or die(mysql_error());
#mysql_select_db($mysql_db) or die(mysql_error());
?>
Not exactly an answer to your question but too long for a comment:
After establishing the database connection you could just query the existing databases via SHOW DATABASES
<?php
$mysqli = new mysqli('localhost', 'root', '');
if ($mysqli->connect_errno) {
trigger_error('query failed: '.$mysqli->connect_error, E_USER_ERROR);
}
$result = $mysqli->query('SHOW databases')
or trigger_error('connect failed: '.join(',', $mysqli->error_list), E_USER_ERROR);
foreach( $result as $row ) {
echo join(', ', $row), "<br />\r\n";
}
Does your database als show up?
Since you're using the default root account (with an empty password; you might want to look into that as well) there shouldn't be any permission related problems. So, if the database doesn't show up, it's just not there...
(almost) same script using PDO (my weapon of choice) instead of mysqli:
<?php
$pdo = new PDO('mysql:host=localhost;charset=utf8', 'root', '', array(
PDO::MYSQL_ATTR_DIRECT_QUERY => false,
PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION
));
foreach( $pdo->query('SHOW DATABASES', PDO::FETCH_NUM) as $row ) {
echo $row[0], "<br />\r\n";
}
There you go. The mysql_ family has been deprecated for some time. Please change to the mysqli_ library. Another machine may work because it's using an older version of PHP in which it hasn't been deprecated OR where deprecated warnings have been globally supressed.
MySQLI Connect
In the wild
$mysql_host='localhost';
$mysql_user='root';
$mysql_password='';
$mysql_db='als';
$con= mysqli_connect($mysql_host,$mysql_user,$mysql_password, $mysql_db) or die("Error " . mysqli_error($con));
There's no need to arbitrarily select the database anymore. Now you can use $con as an argument to the mysqli_ family of procedural functions.
Last, but not least, never debug with the # symbol. This suppresses the error warnings from the function it precedes.
although this question has been asked (and answered) many times, I didn't find a solution to the problem.
Here is my code:
<?php
#session_start();
include("./include/config.php");
include("./include/db_connect.php");
include("functions.php");
if (!isset($_GET['artikelID'])){$_GET['artikelID'] = "";}
if (!isset($_SESSION['UserID'])){$_SESSION['UserID'] = "";}
$sql = "SELECT kundenID FROM kunden WHERE username = '".$_POST['myusername']."' AND password = '".md5($_POST['mypassword'])."' ";
$result = mysqli_query($connect, $sql) OR die("<pre>\n".$sql."</pre>\n".mysqli_connect_error()); // this is line 13
$row = mysqli_fetch_assoc($result);
if (mysqli_num_rows($result)==1){
doLogin($row['kundenID'], isset($_POST['Autologin']));
header("location:cart.php?action=add&artikelID=".$_GET['artikelID']."&id=". $_SESSION['UserID'] ." ");
}
else {
header("location:k_login.php?error=TRUE ");
}
include("./include/db_close.php");
?>
mysqli_connect_error() shows me the absolute correct sql-query; the sql-query is tested with a tool named mysql-front and brings exactly one (and the correct one) result, which is 'kundenID'.
I have tested many things (like $_SESSION['connect'] or $_GLOBALS['connect'] instead of $connect in db_connect.db), but with no result.
Can anyone please help me?
-- Update --
Why does nobody answer?
Is the description of the problem unclear?
The db-connection is established like this:
<?php
error_reporting(E_ALL);
$connect = mysqli_connect($dbserver,$dbuser,$dbpass,$dbname);
// Check connection
if (mysqli_connect_errno()){
echo "Zeile ".__LINE__.": Datenbankverbindung ist fehlgeschlagen ! " . mysqli_connect_error();
exit();
}
?>
All the db-variables are known in the checklogin-script (tested). All the $_POST-variables are also known in the checklogin-script (tested). I even tried a hard-coded sql-query (with the real data of the test-record in the db).
The result is still the same: mysqli_connect_error() reports the correct query - but then nothing more happens.
I have spent more than 10 hours in the meantime. I really would appreciate, if someone could help me.
Couldn't fetch mysqli means that PHP is unable to identify the contents of your $connect variable as a valid mysqli connection. Try adding some error handling into "./include/db_connect.php" to get an idea of what happened to the mysqli connection that is preventing you from using it.
I'm fairly new to PHP/MySQL and I seem to be having a newbie issue.
The following code keeps throwing me errors no matter what I change, and I have a feeling it's got to be somewhere in the syntax that I'm messing up with. It all worked at home 'localhost' but now that I'm trying to host it online it seems to be much more temperamental with spaces and whatnot.
It's a simple login system, problem code is as follows:
<?php
session_start();
require 'connect.php';
echo "Test";
//Hash passwords using MD5 hash (32bit string).
$username=($_POST['username']);
$password=MD5($_POST['password']);
//Get required information from admin_logins table
$sql=mysql_query("SELECT * FROM admin_logins WHERE Username='$username' ");
$row=mysql_fetch_array($sql);
//Check that entered username is valid by checking returned UserID
if($row['UserID'] === NULL){
header("Location: ../adminlogin.php?errCode=UserFail");
}
//Where username is correct, check corresponding password
else if ($row['UserID'] != NULL && $row['Password'] != $password){
header("Location: ../adminlogin.php?errCode=PassFail");
}
else{
$_SESSION['isAdmin'] = true;
header("Location: ../admincontrols.php");
}
mysql_close($con);
?>
The test is just in there, so I know why the page is throwing an error, which is:
`Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in 'THISPAGE' on line 12`
It seems to dislike my SQL query.
Any help is much appreciated.
EDIT:
connect.php page is:
<?php
$con = mysql_connect("localhost","username","password");
if(!$con) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db("dbname", $con);
?>
and yes it is mysql_*, LOL, I'll get to fix that too.
You should escape column name username using backtick, try
SELECT *
FROM admin_logins
WHERE `Username` = '$username'
You're code is prone to SQL Injection. Use PDO or MYSQLI
Example of using PDO extension:
<?php
$stmt = $dbh->prepare("SELECT * FROM admin_logins WHERE `Username` = ?");
$stmt->bindParam(1, $username);
if ($stmt->execute(array($_GET['name']))) {
while ($row = $stmt->fetch()) {
print_r($row);
}
}
?>
Sean, you have to use dots around your variable, like this:
$sql = mysql_query("SELECT * FROM admin_logins WHERE Username = '". mysql_real_escape_string($username)."' ");
If you use your code just like this then it's vulnerable for SQL Injection. I would strongly recommend using mysql_real_escape_string as you insert data into your database to prevent SQL injections, as a quick solution or better use PDO or MySQLi.
Besides if you use mysql_* to connect to your database, then I'd recommend reading the PHP manual chapter on the mysql_* functions,
where they point out, that this extension is not recommended for writing new code. Instead, they say, you should use either the MySQLi or PDO_MySQL extension.
EDITED:
I also checked your mysql_connect and found a weird regularity which is - if you use " on mysql_connect arguments, then it fails to connect and in my case, when I was testing it for you, it happened just described way, so, please try this instead:
$con = mysql_connect('localhost','username','password');
Try to replace " to ' as it's shown in the PHP Manual examples and it will work, I think!
If it still doesn't work just print $row, with print_r($row); right after $sql=mysql_query() and see what you have on $row array or variable.