<?php
mysql_connect("localhost", "root", "usbw");
mysql_select_db("europese unie");
$id = $_GET['Land'];
$query = "SELECT `Land`, `Oppervlakte`, `Inwoners`, `Klimaat`, `Motto`, `UTC` FROM `algemene informatie` WHERE `Land` = '$id'";
$result = mysql_query($query);
$row = mysql_fetch_row($result);
$land = $row[0];
echo "$land";
print("<h2>$id</h2>");
print("<br />");
die(mysql_error())
?>
when i tried to run this code i expected to echo the first land that came up with this query instead i got nothing. i am not a very experienced PHP or Mysql user nor is english my first language so pleas do not hold annything against me.
Solved
Taken from comments:
"well the adress is localhost:8080/details.php?Land=%20Belgie and $id = $_GET['Land']; is the id so Belgie should be $id but as var_dump($result) it keeps giving bool(false)"
Basically what you're asking SQL, is to find (space)Belgie and since your column doesn't contain the word Belgie with a space, it will not find it; least that's what I think is happening
That %20 is a space btw. That could be the problem. You could make use of the trim() function.
Use:
$id = trim($_GET['Land']);
OP:
thank you print_r($row); now gives Array ( [0] => Belgie [1] => 31 [2] => 11 [3] => gematigd zeeklimaat [4] => Eendracht maakt macht [5] => 1 ) i can finaly proceed
Sidenote: Your present code is open to SQL injection. Use mysqli_* functions. (which I recommend you use and with prepared statements, or PDO)
mysql_* functions are deprecated and will be removed from future PHP releases.
Footnotes:
mysql_* functions deprecation notice:
http://www.php.net/manual/en/intro.mysql.php
This extension is deprecated as of PHP 5.5.0, and is not recommended for writing new code as it will be removed in the future. Instead, either the mysqli or PDO_MySQL extension should be used. See also the MySQL API Overview for further help while choosing a MySQL API.
These functions allow you to access MySQL database servers. More information about MySQL can be found at » http://www.mysql.com/.
Documentation for MySQL can be found at » http://dev.mysql.com/doc/.
Do not use mysql_connect() this is going to become outdated, use mysqli_connect().
I.e.:
$connection = new mysqli('host', 'username', 'password', 'db table', 'portnumber');
if (mysqli_connect_errno()){
printf("<b>Connection failed:</b> %s\n", mysqli_connect_error());
exit;
}
run you query through mysqli object and remember to use injection prevention or you will get people hacking you site.
e.g.
http://www.phphaven.com/article.php?id=65
Hope that helps
Quote out the variables.
echo $land;
print("<h2>" . $id . "</h2>");
Related
I am trying to do a simple connection with XAMPP and MySQL server, but whenever I try to enter data or connect to the database, I get this error.
Fatal error: Uncaught Error: Call to undefined function mysql_connect() in C:\xampp\htdocs\register.php:22
Stack trace: #0 {main} thrown in C:\xampp\htdocs\register.php on line 22
Example of line 22:
$link = mysql_connect($mysql_hostname , $mysql_username);
mysql_* functions have been removed in PHP 7.
You probably have PHP 7 in XAMPP. You now have two alternatives: MySQLi and PDO.
You can use mysqli_connect($mysql_hostname , $mysql_username) instead of mysql_connect($mysql_hostname , $mysql_username).
mysql_* functions were removed as of PHP 7. You now have two alternatives: MySQLi and PDO.
It is recommended to use either the MySQLi or PDO extensions. It is not recommended to use the old mysql extension for new development, as it was deprecated in PHP 5.5.0 and was removed in PHP 7.
PHP offers three different APIs to connect to MySQL. Below we show the APIs provided by the mysql, mysqli, and PDO extensions. Each code snippet creates a connection to a MySQL server running on "example.com" using the username "username" and the password "password". And a query is run to greet the user.
Example #1 Comparing the three MySQL APIs
<?php
// mysqli
$mysqli = new mysqli("example.com", "username", "password", "database");
$result = $mysqli->query("SELECT 'Hello, dear MySQL user!' AS _message FROM DUAL");
$row = $result->fetch_assoc();
echo htmlentities($row['_message']);
// PDO
$pdo = new PDO('mysql:host=example.com;dbname=database', 'username', 'password');
$statement = $pdo->query("SELECT 'Hello, dear MySQL user!' AS _message FROM DUAL");
$row = $statement->fetch(PDO::FETCH_ASSOC);
echo htmlentities($row['_message']);
// mysql
$c = mysql_connect("example.com", "username", "password");
mysql_select_db("database");
$result = mysql_query("SELECT 'Hello, dear MySQL user!' AS _message FROM DUAL");
$row = mysql_fetch_assoc($result);
echo htmlentities($row['_message']);
?>
I suggest you try out both MySQLi and PDO and find out what API design you prefer.
Read Choosing an API and Why shouldn't I use mysql_* functions in PHP?
As other answers suggest... Some guy (for whatever reason) decided that your old code should not work when you upgrade your PHP, because he knows better than you and don't care about what your code does or how simple it is for you to upgrade.
Well, if you can't upgrade your project overnight you can
downgrade your version of PHP to whatever version that worked
or...
use a shim (kind of polyfill) such as https://github.com/dshafik/php7-mysql-shim or https://github.com/dotpointer/mysql-shim, and then find a place for include_once("choice_shim.php"); somewhere in your code
That will keep your old PHP code up and running until you are in a mood to update...
mysql_* functions have been removed in PHP 7.
You now have two alternatives: MySQLi and PDO.
The following is a before (-) and after (+) comparison of a migration to the MySQLi alternative, taken straight out of working code:
-if (!$dbLink = mysql_connect($dbHost, $dbUser, $dbPass))
+if (!$dbLink = mysqli_connect($dbHost, $dbUser, $dbPass))
-if (!mysql_select_db($dbName, $dbLink))
+if (!mysqli_select_db($dbLink, $dbName))
-if (!$result = mysql_query($query, $dbLink)) {
+if (!$result = mysqli_query($dbLink, $query)) {
-if (mysql_num_rows($result) > 0) {
+if (mysqli_num_rows($result) > 0) {
-while ($row = mysql_fetch_array( $result, MYSQL_ASSOC )) {
+while ($row = mysqli_fetch_array( $result, MYSQLI_ASSOC )) {
-mysql_close($dbLink);
+mysqli_close($dbLink);
mysql_ functions have been removed from PHP 7. You can now use MySQLi or PDO.
MySQLi example:
mysqli_connect($mysql_hostname, $mysql_username, $mysql_password, $mysql_dbname);
mysqli_connect reference link
Make sure you have not committed a typo as in my case
msyql_fetch_assoc should be mysql
For mysqli you can use :
$db = ADONewConnection('mysqli');
...
...
$db->execute("set names 'utf8'");
in case of a similar issue when I'm creating dockerfile I faced the same scenario:-
I used below changed in mysql_connect function as:-
if($CONN = #mysqli_connect($DBHOST, $DBUSER, $DBPASS)){
//mysql_query("SET CHARACTER SET 'gbk'", $CONN);
So here's the problem, the script I purchase is written on PHP 5.x, and I'm using xampp with PHP7.x installed for development. Now I want to migrate my script to PHP7.x. Now I know this was asked a million times already but do you mind if you could take a look at my code and give your thoughts about it, or simply share your knowledge. I would deeply appreciate it.
Here is the code for my config.php
<?php
// mySQL information
$server = 'localhost'; // MySql server
$username = 'admin'; // MySql Username
$password = 'admin' ; // MySql Password
$database = 'arcade'; // MySql Database
// The following should not be edited
error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);
$con = mysql_connect($server, $username, $password);
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db($database, $con);
// Get settings
if (!isset($install)) {
$sql = mysql_query("SELECT * FROM ava_settings");
while ($get_setting = mysql_fetch_array($sql)) {
$setting[$get_setting['name']] = $get_setting['value'];
}
}
?>
The deprecated functions are:
mysql_connect()
mysql_error()
mysql_fetch_array()
mysql_query()
mysql_select_db()
Now, I don't want to use the PDO approach, I want to use mysqli instead. Am I suppose to just replace the mysql_* into mysqli_*? So it will become like these? I don't want to hide/surpress the deprecate warnings.
mysqli_connect()
mysqli_error()
mysqli_fetch_array()
mysqli_query()
mysqli_select_db()
I just offer you that migrate to PDO driver. Because every update you may see a lot of deprecation errors.
But if you can not do it the first thing to do would probably be to replace every mysql_* function call with its equivalent mysqli_*, at least if you are willing to use the procedural API -- which would be the easier way, considering you already have some code based on the MySQL API, which is a procedural one.
Note that, for some functions, you may need to check the parameters carefully: Maybe there are some differences here and there -- but not that many, I'd say: both mysql and mysqli are based on the same library (libmysql ; at least for PHP <= 5.2)
Look at difference between mysqli and mysql:
$mysqli = mysqli_connect("example.com", "user", "password", "database");
$res = mysqli_query($mysqli, "SELECT ...");
$row = mysqli_fetch_assoc($res);
echo $row['_msg'];
$mysql = mysql_connect("example.com", "user", "password");
mysql_select_db("test");
$res = mysql_query("SELECT ...", $mysql);
$row = mysql_fetch_assoc($res);
echo $row['_msg'];
I have a problem while passing information with $_SESSION in php. Every time that I try it, it sends me a message saying "Array to string conversion".Here is the code:
<?php
session_start();
ob_start();
include("conexion3.php");
$con = mysql_connect($host,$user,$pw) or die("Error");
mysql_select_db($db,$con) or die("Error DB");
$sel2 = mysql_query("SELECT usuario_n,correo FROM usuarios WHERE usuario_n='machan'",$con);
$sesion = mysql_fetch_array($sel2);
$_SESSION['resultado'] = $sesion;
echo $_SESSION['resultado'];
?>
The answer lies in your last comment. The problem is, $_SESSION['resultado'] is an array and with echo $_SESSION['resultado']; you're trying to convert array to string, hence the message.
You can do something like this to get the values:
echo $_SESSION['resultado'][0]; // machan
echo $_SESSION['resultado']['usuario_n']; // machan
echo $_SESSION['resultado'][1]; // elver#gmail.com
echo $_SESSION['resultado']['correo']; // elver#gmail.com
Sidenote: Please don't use the mysql_ database extensions, they were deprecated in PHP 5.5.0 and were removed in PHP 7.0.0. Use mysqli or PDO extensions instead. And this is why you shouldn't use mysql_ functions.
You're trying to echo out an array. $session stores the array you fetched from your mysql db. Try the following instead of that echo statement:
print_r($_SESSION['resultado']);
http://php.net/manual/en/function.print-r.php
So after a long rest of coding(around 5months) i started to forgot some of the codes and i need help with this one, i cant find in the google with this topic, etc
code :
<?php
$num1 = "0";
$database = mysql_connect('x', 'x', 'x') or die ("Error x01");
mysql_select_db('x') or die ("Error x02");
$SQL1 = "Select * FROM 'server_status' WHERE on = '$num1'";
$result_id1 = #mysql_query($SQL1) or die("DATABASE ERROR!");
$total1 = mysql_num_rows($result_id1);
if($result1){
echo "Server is under maintenance";
}
?>
right here i have a code where i'am gonna check the variable "on" in "server_status" table in my msql
somehow even when i have my "on" variable on 0 (int not bool [join_protection is on int too]) it still gives out the die which is
or die ("DATABASE ERROR!");
i can't find how to fix that i played around with it and not managed to make it work
here's the result
i'm looking forward for your answer
thanks for passing by and helping me
regards,
-itsproinc
You're using single quotes which are not the correct Identifier Qualifiers around your table name, remove them.
FROM server_status
or use ticks: (which resemble quotes, but are not the same).
FROM `server_status`
Plus, you are using a MySQL reserved word, being on for your column name and it needs to be wrapped in ticks.
$SQL1 = "Select * FROM `server_status` WHERE `on` = '$num1'";
Plus, as I stated in comments:
This doesn't help you or die ("DATABASE ERROR!"); this does mysql_error() and remove the # in #mysql_query it's an error suppressor.
Deprecation notice:
mysql_ is deprecated and will be removed from future PHP releases.
Use mysqli_ or PDO.
Better yet:
Use mysqli with prepared statements, or PDO with prepared statements, they're much safer.
OK guys, I'm having trouble with mysql_real_escape_string. It is a simple POST table with title and contents, which should in theory work fine (by me).
$db = new mysqli('...','...','...','...') or die ('error with connection');
$db->set_charset('utf8');
$title = trim($_POST['title']);
$contents = trim($_POST['contents']);
$title = mysql_real_escape_string($title);
$contents = mysql_real_escape_string($contents);
$sql = "INSERT INTO posts SET title = '$title', contents = '$contents'";
$query = $db->query($sql);
I found when I place 'echo' before and after 'mysql_escape_string' like:
echo 'before' . $title;
$title = mysql_real_escape_string($title);
echo 'after' . $title;
that it echoes the title on the "before" line, but on the "after" line it echoes blank $title.
Note: whan I use 'mysql_escape_string' instead (of real), it works fine (but I guess this is weaker protection).
Any ideas??
Thank you.
The reason title is empty is because mysql_real_escape_string is returning FALSE.
This happened because it requires a MySQL connection to the database, you have MySQLi. From the docs,
A MySQL connection is required before using mysql_real_escape_string() otherwise an error of level E_WARNING is generated, and FALSE is returned
The way to fix the issue is to use mysqli_real_escape_string to match your database connection, as suggested in the other answers. Obviously for security, you're better off using prepared statements.
Also, the database link needs to be supplied. Since you're using the OO style, this is done as
$db = new mysqli()
$title = $db->real_escape_string($title)
mysql_real_escape_string() works in context of connection made by "mysql" extension, but you use "mysqli".
You need to either connect using mysql_connect() not recommended
Or you need to use new approaches from mysqli such as prepared statements or mysqli_real_escape_string()
You should not interpolate user-generated strings into sql. Use prepared statements: http://php.net/manual/en/mysqli.quickstart.prepared-statements.php
In your case:
$db = new mysqli('...','...','...','...') or die ('error with connection');
$db->set_charset('utf8');
$title = trim($_POST['title']);
$contents = trim($_POST['contents']);
$sql = $db->prepare("INSERT INTO posts (title, contents) VALUES (?,?)");
$sql->bind_param('ss', $title, $contents);
$sql->execute();