Hi I am facing a unique issue with my PHP script.Here is my code. After writeToDB() is executed I dont see the echo ("<script> top.location.href=www.facebook.com</script>");
Can someone let me know why my script stops executing after writing to db?
<?php
function writeToDB($access_token,$uid,$username,$birthday,$gender,$age)
{
/* Database Connection */
$user = "xxxx";
$password = "xxxx";
$host = "xxxxxxxxxxxxxxxxxx";
//connect to database, where tsnames.ora is setup
$connect_obj = oci_connect($user, $password, $host);
if ($connect_obj) {
error_log("connected okay");
} else {
$err = OCIError();
echo "Oracle connection error " . $err[text];
return;
}
$select_query = "SELECT USER_ID FROM FBTABLE WHERE USER_ID= '$uid'";
$select_sql_stmt = oci_parse($connect_obj, $select_query);
//execute statement
try {
$r = oci_execute($select_sql_stmt, OCI_DEFAULT);
if (!$r) {
$p = oci_error($select_sql_stmt);
echo "Oci Execute error";
}
} catch (Exception $e) {
echo "<br>Failed to get database info" . $e->getMessage();
}
$user_id_in_db = null;
while (oci_fetch($select_sql_stmt)) {
$user_id_in_db = oci_result($select_sql_stmt, 'USER_ID');
}
// User already exists in db so update instead of insert
if ($user_id_in_db != null) {
$query ="UPDATE FBTABLE SET ACCESS_TOKEN='$access_token' WHERE USER_ID='$uid'";
} else {
$query = "INSERT INTO FBTABLE(ACCESS_TOKEN, USER_ID,USER_NAME,BIRTHDAY,GENDER,AGE)
VALUES
('$access_token','$uid','$username','$birthday','$gender','$age')";
}
//create sql statement
$sql_statement = oci_parse($connect_obj, $query);
//execute statement
try {
$r = oci_execute($sql_statement, OCI_DEFAULT);
if (!$r) {
$p = oci_error($sql_statement);
echo "Oci Execute error";
}
} catch (Exception $e) {
echo "<br>Failed to get database info" . $e->getMessage();
}
//Commit transaction
$committed = oci_commit($connect_obj);
//Test whether commit was successful. If error occurred, return error message
if (!$committed) {
$error = oci_error($conn);
echo 'Commit failed. Oracle reports: ' . $error['message'];
}
//close the connection
$oci_free_statement($sql_statement);
if (oci_close($connect_obj)) {
echo " oci connection not closed!!!";
}
//close the connection
$oci_free_statement($sql_statement);
}
?>
<html>
<body>
<?php
$access_token = $_GET['access_token'];
$uid = $_GET['uid'];
$username = $_GET['username'];
$birthday = $_GET['birthday'];
$gender = $_GET['gender'];
$age = $_GET['age'];
echo $username;
writeToDB($access_token,$uid,$username,$birthday,$gender,$age);
echo ("<script> top.location.href=www.facebook.com</script>");
?>
</body>
</html>
i think error is in $oci_free_statement($sql_statement); must be oci_free_statement($sql_statement); extra $ before oci_free_statement
http://php.net/manual/en/function.oci-free-statement.php
no any error show because of error_display is off
Your JavaScript code should be
echo ("<script> top.location.href='http://www.facebook.com';</script>");
It's happen because writeToDB() causes error. You don't see this error because error_display is off or error_reporting = 0
Also maybe you didn't install OCI8. So when you call oci_connect it will cause error.
Thanks.
you are not using quotes around the string:
www.facebook.com should be 'www.facebook.com'
Related
After executing the SQL file below to create the appropriate tables(which gets executed correctly without errors),
<?php
try {
require_once 'dbcon.php';
$sql_file = 'mysql.sql';
$contents = file_get_contents($sql_file);
$comment_patterns = array('/\/\*.*(\n)*.*(\*\/)?/',
'/\s*--.*\n/',
'/\s*#.*\n/',
);
$contents = preg_replace($comment_patterns, "\n", $contents);
$statements = explode(";\n", $contents);
$statements = preg_replace("/\s/", ' ', $statements);
foreach ($statements as $query) {
if(trim($query) != '') {
$db->query($query);
if ($db->errno) {
throw new Exception("Fail to load data in database (".$db->errno.")");
}
}
}
Running the following query right after the foreach gets executed successfully without errors and success message gets printed. However , no data gets inserted into the database.
$cql = "INSERT INTO config (logo,brand,provider,mail_type,url) VALUES(?,?,?,?,?)";
$cstmt = $db->prepare($cql);
$sch_logo = 'logo.png';
$sch_brand = 'brand.png';
$provider = 'other';
$mail_type = 'mail';
$cstmt->bind_param('sssss',$sch_logo,$sch_brand,$provider,$mail_type,$site_url);
$cstmt->execute();
if($cstmt->affected_rows === 1){
echo 'Identity verified. Thank you';
}
else{
throw new Exception("An error occurred Performing this operation.");
}
}
catch(Exception $e) {
error_log($e->getMessage());
echo ' <div class="text-warning">
<b>'.$e->getMessage().'</b> </div>';
exit();
}
?>
I have printed out $cstmt->error and $cstmt->errno and they all return 0 . which seems fine but don't why the data doesn't get inserted into the fields. Anything am missing or doing wrong?
Try this:
$cql = "INSERT INTO config (logo,brand,provider,mail_type,url) VALUES(?,?,?,?,?)";
$cstmt = $db->prepare($cql);
$sch_logo = 'logo.png';
$sch_brand = 'brand.png';
$provider = 'other';
$mail_type = 'mail';
$cstmt->bind_param('sssss',$sch_logo,$sch_brand,$provider,$mail_type,$site_url);
**if($cstmt->execute()){**
echo 'Identity verified. Thank you';
}
else{
throw new Exception("An error occurred Performing this operation.");
}
}
catch(Exception $e) {
error_log($e->getMessage());
echo ' <div class="text-warning">
<b>'.$e->getMessage().'</b> </div>';
exit();
}
I am trying to input data to MySQL using PHP. Don't know what's wrong. The connection succeeds, no errors but at the end there is not data being written to the database.
$dbhost = "localhost";
$dbname = "listings";
$un = $_POST["un"];
$pass = $_POST["pass"];
$name = $_POST["name"];
$des = $_POST["des"];
$quan = $_POST["quantity"];
$specs = $_POST["specs"];
$price = $_POST["price"];
$url1 = ".";
$url2 = ".";
$url3 = ".";
$url4 = ".";
$connection = mysqli_connect($dbhost,$un,$pass,$dbname);
if (!$connection) {
die("Error".mysqli_error);
} else {
echo "Database connection successfull ".$des;
}
$query = "INSERT INTO items
(name,description,quantity,specs,price,url1,url2,url3,url4) VALUES
'$name','$des','$quan','$specs','$price','$url1','$url2','$url3','$url4')
";
echo "Hellos";
$exeute_query = mysqli_query($query,$connection);
if(!execute_query){
die("error ".mysqli_error());
echo "query error";
} else {
echo "Query successfull";
}
mysqli_close($connection);
Any help?
There are several small mistakes in your code:
$query = "INSERT INTO items (name,description,quantity,specs,price,url1,url2,url3,url4) VALUES ('$name','$des','$quan','$specs','$price','$url1','$url2','$url3','$url4')";
echo "Hellos";
**$exeute_query** = mysqli_query($query,$connection); // $execute_query instead of $exeute_query
if(!**execute_query**){ //$execute_query instead of execute_query
die("error ".mysqli_error());
echo "query error";
}
else{echo "Query successfull";}
mysqli_close($connection);
?>
Your code breaks at the if statement because no fucntion with that name is found (if you do not use the dollarsign to show it is a variable, php will interpret it as a function. Also, when initiating your variable you forgot a 'c' so make sure to check if you have the correct variable name or php won't find your variable. Now your query will work or give an error message in case of wrong data formats or bad connection. Use code listed below to debug your php in the future.
error_reporting(E_ALL);
ini_set('display_errors', 'On');
I have obviously seen other threads related to the matter and couldn't solve my problem. I am not experienced with php. My file structure is like:
-search/
-index.jade
-search.php
css/
index.css
My index.jade code:
html
head
script(src='https://code.jquery.com/jquery-3.1.0.min.js')
link(href="css/index.css", rel="stylesheet", type="text/css")
body
form(id="search", method="POST", action="search.php")
input(type="text",placeholder="Search for...",name="search_bar")
input(type="submit",name="submit")
My search.php code:
<?php
$SQL_HOST = "peanuts";
$SQL_PSWD = "more_peanuts";
$SQL_USER = "peanuts_again";
$SQL_DB = "no_peanuts";
// jk...
try {
$link = new mysqli($SQL_HOST, $SQL_USER, $SQL_PSWD, $SQL_DB);
} catch (Exception $e) {
echo "PDO connection error: " . $e->getMessage();
exit(1);
}
$search = $_POST['search_bar']."*";
$search_query = $link->prepare("SELECT name FROM products WHERE MATCH(name) AGAINST (? IN BOOLEAN MODE)");
$search_query->bind_param('s', $search);
$search_query->execute();
$search_query->store_result();
$search_rows = $search_query->num_rows;
$search_query->bind_result($product_name);
if($search_rows > 0) {
while($search_query->fetch()) {
echo "Your search returned $search_rows results";
echo "$product_name <br>";
}
}
else {
echo "Your search returned no results, sorry :(";
}
?>
I keep getting: "Cannot POST /search/search.php". Help?
final.php
Here I am trying to get the data from the url using GET method and trying to insert into the database. I was able to insert the data for first few rows after that the data is not inserted. Can anyone help me regarding this?
when I try to run the url: www.myii.com/app/final.php?name=123&glucose=3232...
the data is not inserting.
<?php
include("query_connect.php");
$name = $_GET['name'];
$glucose = $_GET['glucose'];
$temp = $_GET['temp'];
$battery = $_GET['battery'];
$tgs_a = $_GET['tgs_a'];
$tgs_g = $_GET['tgs_g'];
$heartrate = $_GET['heartrate'];
$spo2 = $_GET['spo2'];
$rr = $_GET['rr'];
$hb = $_GET['hb'];
$ina22 = $_GET['ina22'];
$accucheck = $_GET['accucheck'];
$isactive = $_GET['isactive'];
$address = $_GET['address'];
$deviceno = $_GET['deviceno'];
$sql_insert = "insert into query (name,glucose,temp,battery,tgs_a,tgs_g,heartrate,spo2,rr,hb,ina22,accucheck,isactive,address,deviceno) values ('$name','$glucose','$temp',$battery','$tgs_a','$tgs_g','$heartrate','$spo2','$rr','$hb','$ina22','$accucheck','$isactive','$address','$deviceno')";
mysqli_query($sql_insert);
if($sql_insert)
{
echo "Saving succeed";
//echo $date_time;
}
else{
echo "Error occured";
}
?>
Query_connect.php
This is my database config php file.
<?php
$user = "m33root";
$password = "me3i434";
$host = "localhost";
$connection = mysqli_connect($host,$user,$password);
$select = mysqli_select_db('miiyy',$connection);
if($connection)
{
echo "connection succesfull<br>";
}
else {
echo "Error";
}
?>
Make sure that all columns can contain NULL so that not filled fields will stay NULL instead of throwing an error.
Try below to see mysql error:
mysql_query($sql_insert);
echo mysql_error()
Try these
In SQL
Change the table name of query to some other name. Because "query" is reserved in SQL
In code
if (!mysqli_query($con,$sql_insert ))
{
echo("Error description: " . mysqli_error($con));
}
else
{
echo "Success";
}
Use mysqli_error() function
I cannot update the values in my table with this code, if the update is successful the page should redirect in ('Location:ui.php'), how can this be achieved?
<?php
ob_start();
include('dbconnect.php');
$code=$_GET['stallcode'];
if(isset($_POST['submit']))
{
$pcost = $_POST['pcost'];
$tcost = $_POST['tcost'];
$cash = $_POST['cash'];
$change = $_POST['change'];
if (($cash == '0'))
{
$pstatus="0";
}
else
{
$pstatus="1";
}
$updated=mysql_query("UPDATE tbl_stallowner SET
paymentstatus='$pstatus', penaltycost='$pcost', totalcost='$tcost', cash='$cash', change='$change'
WHERE stallcode='$code'")or die();
if($updated)
{
$msg="Successfully Updated!!";
header('Location:ui.php');
}
} //update ends here
ob_end_flush();
?>
As you redirects users by checking if($updated) is true, this will not work, you should check the number of affected rows instead using mysql_num_rows.
Also remember to exit; after header() to stop the execution.
$num_rows = mysql_num_rows($updated);
if($num_rows > 0)
{
$msg="Successfully Updated!!";
header('Location:ui.php');
exit;
}
Tip: You should not be using MySQL as it has already been deprecated, use MySQLi instead.
You want to use mysqli, not it's predecessor, mysql. Mysql is vulnerable and open to exploitation, here's what you should write in each of your files:
dbconnect.php
<?php
$conn = mysqli_connect("localhost","my_user","my_password","my_db");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
?>
updatestallowner.php (or whatever you named it)
<?php
ob_start();
require('dbconnect.php');
$code = mysqli_real_escape_string($conn, $_GET['stallcode']);
if(isset($_POST['submit'])){
$pcost = mysqli_real_escape_string($conn, $_POST['pcost']);
$tcost = mysqli_real_escape_string($conn, $_POST['tcost']);
$cash = mysqli_real_escape_string($conn, $_POST['cash']);
$change = mysqli_real_escape_string($conn, $_POST['change']);
if ($cash == '0') {
$pstatus="0";
} else{
$pstatus="1";
}
$sql = "UPDATE tbl_stallowner SET paymentstatus='$pstatus', penaltycost='$pcost', totalcost='$tcost', cash='$cash', change='$change' WHERE stallcode='$code';";
$result = mysqli_query($conn, $sql);
if($result) {
$msg="Successfully Updated!!";
header('Location: ui.php');
exit;
} else {
die("Error updating!");
}
}
?>
Good luck!