So, I've been having alot of bother with a Paypal IPN script i'm working on - I'm a bit of an idiot when it comes to PHP.
I've got a script called glob.inc.php, which connects to my database and checks if a user is premium, however when the script is runs I just get this:
Warning: mysql_result(): supplied argument is not a valid MySQL result
resource in
/public_html/fts/rs_ipn/glob.inc.php
on line 11
This is the script for glob.inc.php:
<?php
session_start();
// database connection
mysql_connect('XXXXXXXX','XXXXXXXX');
mysql_select_db('XXXXXXXX');
// premium check function
function is_premium() {
$premium_query = mysql_query("SELECT 'premium' FROM 'users' WHERE 'user_id'='".$_SESSION['user_id']."'");
$premium = mysql_result($premium_query, 0, 'premium');
if ($premium =='1') {
return true;
} else {
return false;
}
}
?>
I've tried everything I can think of, but am having no joy! May be interested to know that the script fails to successfully check if the user is premium. Sessions are created ok though, and the database connection is fine.
Hope you can help!
Did you check that the query was executed properly?
See this example.
Also, as mentioned in the comments, do not use mysql_* functions, use mysqli_* or PDO instead.
You need to fetch the result instead of trying to access the resource.
Please refer to the documentation before asking question.
Related
I can't figure out why I'm getting the Commands out of sync; you can't run this command now error. I can't seem to find a way to fix this.
As you can probably see from the code, I need to execute TWO SQL statements. One to check if the password is correct, and the other, which runs only if the previous one returns true, to store all user data in session variables.
Here is my code:
$check_pw_query = $conn->query("CALL checkPassword('{$username}', '{$password}')");
$check_pw_fetched = $check_pw_query->fetch_assoc();
$check_pw_query->close();
if($check_pw_fetched['password_correct']) {
unset($check_pw_fetched);
if(!$get_user_data = $conn->query("CALL getUserData('{$username}')")/*->fetch_assoc()*/) {
echo $conn->error;
}
$_SESSION["user_username"] = $username;
$_SESSION["user_id"] = $get_user_data["id"];
$_SESSION["user_name"] = $get_user_data["name"];
$_SESSION["user_email"] = $get_user_data["email"];
$_SESSION["user_type"] = $get_user_data["type"];
$conn->close();
unset($conn);
send_home(false);
}
Help is much appreciated.
Thank you
Ok, as there were no real helpfully answers, I'll answer it myself, to hopefully help someone else with the same problem.
The problem is that, whenever you call a stored procedure, it will output one more result that defined anywhere. So if your procedure returns 1 value, php will get 2. The last one is only there to tell you that there are no more values. BUT you have to deal with that one as well to free the connection ($conn in my example).
So, that you do is, simply, add this to your code, right after the $check_pw_query->close(); :
$conn->next_result();
And there you have it. It will now work perfectly fine.
I'm having a problem with a PHP-Script, where I want to check, if the MySQL-Logindata are valid. I found somewhere the mysql_ping() function, but it doesn't work as it should, because it returns in every case true, even if the inserted data are totally wrong. How do I solve it?
$verbindung = mysql_connect($_POST["mysql_host"], $_POST["mysql_user"],
$_POST["mysql_pwd"]);
if (!mysql_ping($verbindung)) {
$break = true;
}
else {
// Check here also via SQL, if database $_POST["mysql_db"] exists
}
This already is more complex than it needs to be and should do the correct thing. The reason why all usernames work quite likely is that MySQL by default has an anonymous user ''#'localhost' which accepts any username. Probably you want to remove that user. (DROP USER ''#'localhost', be sure you can login as other user before doing that, use SHOW GRANTS to see which user you are using)
For simplification mind that the connect cal will fail if there is something wrong, so you wont need that ping call. ping can be used if you have a longer living connection and you want to check whether the connection is still working.
A simple form for the check might look like this:
$verbindung = new mysqli($_POST["mysql_host"], $_POST["mysql_user"], $_POST["mysql_pwd"]);
if (!$verbindung) {
echo "Wrong settings";
}
Mind that I changed to the mysqli insterface. the old mysql extension in PHP providing the mysql_* functions is deprecated and shouldn't be used anymore.
I actually found out a nicer solution with the mysqli_connect_errno() function and a requirement of inputs from the database name and the user name.
$verbindung = #mysqli_connect((!empty($_POST["mysql_host"]) ? $_POST["mysql_host"] : 'localhost'),
$_POST["mysql_user"], $_POST["mysql_pwd"], $_POST["mysql_db"]);
if (mysqli_connect_errno() || empty($_POST["mysql_user"]) || empty($_POST["mysql_db"])) {
$break = true;
}
I am frustrated and I am beginning to wonder if there is some catch with my hosting company that might be causing this issue. I have done this type of thing before (not with this hosting company) so I am at a loss.
<?php
$q = "SELECT * FROM sunsetUsers";
$r = #mysqli_query($dbh, $q);
if ($r) {
echo 'good job';
} else {
echo 'you suck';
}?>
The connection info is being called in the header and it works. It will connect to the database and supply me with a good message when I tell it to. Yet, when I try to execute a simple query, I get nothing. No errors at all other than it tells me, "you suck." Heh...which is what it should do when the query fails. I am not trying to do anything with the data...I just want to ensure that the query executes with no problems.
Is there any other information I can give that might help here? This seems really simple to me...yet so confused here as to why this isn't working.
You can see your mysql errors with mysql_error (for the purposes of learning):
if (!$r) {
echo mysqli_error(); // display the last error detected
}
Also using the mysql_* & mysqli_* functions are a very old & insecure way of communicating with mysql. Look into pdo for a better way.
So I managed to fix it myself, unsure how tho, this is my final code:
//create user
$con=mysqli_connect("localhost","root","******");
$crearuser="CREATE USER 'phpuser'#'localhost' identified by '******'";
if (mysqli_query($con,$sql))
{
echo "It Works";
}
else
{
echo "Nope";
}
Like I said, im unsure of how I fixed it, but this and the grant part (not going to paste, so much code) are fully working, thank you all :)
Just reference to it: http://dev.mysql.com/doc/refman/5.1/en/adding-users.html
$createuser = "CREATE USER 'phpuser'#'localhost' IDENTIFIED BY 'some_pass';";
Your Script runs fine on my side. I think you have problem in connecting with database
$con = mysqli_connect("localhost","root","******","mysql");
Because during the editing process you changed your password parameter 3 times. And you are not sure about your password.
Try to figure out your mysqli_connect() parameters.
This question will help you too..How to find out the username and password for mysql database
I am trying my best to object orientate my login scripts and checks for my website. As such, I have created a function that is called named "attempt_login". This function uses a database connection via the "mysqli_connect" function provided by a outside php file that is included and returns the $link variable.
However, when in my "attempt_login" the "mysqli_stmt_prepare" function is reached. It always returns false, and as such, the if statement never runs.
mysql_connect.php
require_once '../conf.php';
$link = mysqli_connect($mysql_server,$mysql_user,$mysql_pass,$mysql_db);
if(mysqli_connect_error())
{
//Fail
echo mysqli_connect_error();
}else{
//Success
}
return $link;
And the code from the "attempt_login" that fails:
$link = require_once 'functions/mysql/mysql_connect.php';
print_r($link);
$stmt = mysqli_stmt_init($link);
echo mysqli_stmt_error($stmt);
echo mysqli_error();
//This if statement always fails.
if(mysqli_stmt_prepare($stmt,"SELECT member_salt FROM members WHERE username=?" ) )
{
mysqli_stmt_bind_param($stmt,'s',$login_details['username']);
mysqli_stmt_execute($stmt);
$member_salt = NULL;
mysqli_stmt_bind_result($stmt,$member_salt);
mysqli_stmt_close($stmt);
}
And calling the function is pretty simple.
attempt_login($login_details);
I have tried many ways to do this, but it seems to only work when it is not within a function. Which defeats the purpose of me trying to have it in a function. If I move the error output to after the if statment, it will print:
No Database Selected
Even though one clearly is set in the link. I also can do a print_r($link); and it does print proper data for the mysql server.
It also has the same issue with procedural and object orientated mysqli styles, and fails as well with "mysqli_prepare".
I do have mysql working on the site, but any attempts to run anything within a function fails.
I have searched for several hours on trying to find a answer, but was unable to locate anything. I look forward to hearing from you! Many thanks in advance.
~Travis
I'd say then you haven't selected a database.
Either $mysql_db isn't set in ../conf.php or there is a typo or $mysql_db isn't visible in mysql_connect.php.
You don't seem to be passing $stmt to your function, I would advise your read this on scopes.