Based on suggestions and a better understanding of what I need I have changed my question:
My site is protected with .htaccess. Im trying to get the current user and a few other variables and save them to a MySQL database. Everything works except the current user part.
Heres my code:
<?php
$_SERVER["PHP_AUTH_USER"] = "rep";
$hostname = "hostname";
$username = "username";
$dbname = "dbname";
$password = "password";
$usertable = "usageStats";
$yourfield = "your_field";
$con = mysql_connect($hostname, $username, $password);
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db($dbname, $con);
$sql="INSERT INTO usageStats (Bid, PRid, User)
VALUES
('$_POST[BID]','$_POST[branding]','$_POST[rep]')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "1 record added";
mysql_close($con);
?>
I know that the below are both wrong. How should the current user be passed instead of $_POST[rep]?
Wong:
$_SERVER["PHP_AUTH_USER"] = "rep";
and
'$_POST[rep]'
If you are using Basic Authentication you do not need to send the username explicitly. The browser will send it and you can access it using the PHP_AUTH_USER server variable:
$_SERVER['PHP_AUTH_USER']
Also checkout the HTTP Authentication article in the documentation.
Related
Hello anyone who can help (or having the same issue).
I have a form on my website I need to store the data in a database.
I have no problems when using any other database service but when using an Amazon RDS Database I have no luck.
This php file is used to send the data to the database.
<?php
$dbhost = "xxxx.xxxx.ap-southeast-2.rds.amazonaws.com";
$dbuser = "username";
$dbpass = "pasword";
$userid = $_GET['UniqueID'];
$username = $_GET['name'];
$useremail = $_GET['email'];
$userphone = $_GET['phone'];
$userref = $_GET['refid'];
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$sql = "INSERT INTO landing_post (`useid`, `name`, `email`, `phone`, `refid`) VALUES ('$userid', '$username', '$useremail', '$userphone', '$userref')";
mysql_select_db('bunker');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
mysql_close($conn);
?>
After the form is submitted to the original post action, it opens the below url.
https://example.com.au/test/post.php?&UniqueID=10020&name=burger&email=test%40mvmedia.com&phone=1800+000+000&refid=28383
The $_GET functions fill out the data using the variables in the url.
When running the php from a cpanel based server I get this error.
Could not connect: Can't connect to MySQL server on 'xxxxx.xxxxxxx.ap-southeast-2.rds.amazonaws.com' (111)
When running the php from a AWS EC2 instance I don't even get a error readout.
Any assistance or insight would be greatly appreciated.
Cheers,
Andy
Shout out to JeanPaul98 who put me on the right path. After trial and many errors, i found the below code solved the issue.
<?php
$userid = $_GET['UniqueID'];
$username = $_GET['name'];
$useremail = $_GET['email'];
$userphone = $_GET['phone'];
$userref = $_GET['refid'];
$link = mysqli_connect('xxxxx.xxxxxx.ap-southeast-2.rds.amazonaws.com', 'User', 'password','database');
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// Check if server is alive
if (mysqli_ping($link))
{
echo "Connection is ok!";
}
else
{
echo "Error: ". mysqli_error($link);
}
mysqli_query($link,"INSERT INTO table (`useid`, `name`, `email`, `phone`, `refid`) VALUES ('$userid', '$username', '$useremail', '$userphone', '$userref')")
or die(mysqli_error($link));
echo "Entered data successfully\n";
mysqli_close($link);
?>
The main change was I stopped using mysql and rather used mysqli. There are also some structural changes to make the code to work with mysqli. For others having a similar issues here are a few things to check.
You have opened a inbound port for the IP in the security group of the RDS Database.
The Database is publicly accessible.
That your php version has PDO_MYSQL installed, or compatible driver (more details here
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_PHP.rds.html)
I use the hosting company aPlus.net, and I can't seem to get past a connection error I'm getting when trying to process some php to write database content to a webpage, and I am curious as to if this is because my database appears to not be on the same server as the entire rest of my hosting account, and if there is a way to resolve this in my code? This is my first attempt at writing PHP, and it would be good to know if my code is wrong, or if my hosting company is messing me up. (and either way, how to fix it)
Here's the code that's failing to pull from the database:
{
$con = mysql_connect("localhost","2p5dq9vxmy240651","MY_PASSWORD");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("felineasthma_2p5dq9vxmy240651", $con);
$users_name = $_POST['name'];
$users_comment = $_POST['requests'];
$users_name = mysql_real_escape_string($users_name);
$users_comment = mysql_real_escape_string($users_comment);
$inputid = $_GET['id'];
$query = "
INSERT INTO `felineasthma_2p5dq9vxmy240651`.`submissions` (`id`,
`name`, `requests`, `inputid`) VALUES (NULL,
'$users_name', '$users_comment', '$inputid');";
mysql_query($query);
echo "<h2>Your request has been processed, reload page.</h2>";
mysql_close($con);
}
and here's some screen captures from inside my hosting account (links because I don't have enough posts here yet to upload images, sorry):
felineasthma_2p5dq9vxmy240651 doesn't appear in my hosting account
yet it clearly exists in MySQL Manager, but on a different server
I was even more confused while making the user for this database, as the control panel didn't allow me to make a username, it just randomly assigned one. Help? Advice?
I found a more modern tutorial to learn PHP with, and now everything works, I just need to add security measures now. Here's the working code snippets, if anyone ever comes here asking the same questions.
here's the form action that places the entries into the database:
<?php
$servername = "sql5c40n.carrierzone.com";
$username = "my_username";
$password = "my_password";
$dbname = "my_database";
$users_name = $_POST['name'];
$users_request = $_POST['requests'];
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql = "INSERT INTO submissions (name, requests)
VALUES ('$users_name', '$users_request')";
if (mysqli_query($conn, $sql)) {
header("Location: clv.php");
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
?>
here's the include that puts the database entries onto the page:
<?php
$servername = "sql5c40n.carrierzone.com";
$username = "my_username";
$password = "my_password";
$dbname = "my_database";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql = "SELECT id, requests, name FROM submissions";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
// output data of each row
while($row = mysqli_fetch_assoc($result)) {
echo "" . $row["requests"]. " - by " . $row["name"]. "<br>";
}
} else {
echo "0 results";
}
mysqli_close($conn);
?>
I have a script where I need to connect to MySQL db. But somehow the connection is failed. Can anyone help me to check the problem? Thanks ahead.
$username = "root";
$password = "";
$hostname = "localhost";
$dbname = "vti_ctes_demo";
$con = mysql_connect($hostname, $username, $password);
if (!$con) {
die('Could not connect: ' . mysql_error());
}else
{
echo 'connected';
}
// make foo the current db
$db_selected = mysql_select_db($dbname, $con);
if (!$db_selected) {
die ('Can\'t use vti_ctes_demo : ' . mysql_error());
}else
{
echo 'connected';
}
The moment I run the query, I get this error:
Can't use vti_ctes_demo : Access denied for user ''#'localhost' to database 'vti_ctes_demo'
I have set the username as 'root', but it seems like it can't receive the username. Btw, first connection is successful. Just that, the moment when it's connected to the db, then the error appeared.
You need grant privileges to the user "root" if you want external access to database vti_ctes_demo.
Use this to grant permission to the user
I am a PHP newbie and have been trying for sometime now to connect to MySQL database using PHP so I can insert data into a table I have created but I am unable to do this.
I suspect the problem is coming from my PHP .ini file,but that's just me.
Would be grateful if anyone can help me configure my PHP .ini file so I can connect to MySQL and insert data into my table. Here is my PHP script in case you are wondering.
Any help will be gratefully appreciated.
<?php
$host ="localhost";
$username = "username";
$password = "password";
$database = "database1";
$table ="users";
$con = mysql_connect("localhost","username","password");
if (!$con)
{
die('Could not connect:'.mysql_error());
}
mysql_select_db("database1",$con);
$mysql = "INSERT INTO $table(name,email,password)
VALUES('$_POST[name]','$_POST[email]','$_POST[password]";
if(mysql_query($mysql)) die(mysql_error());
echo"Data inserted";
mysql_close();
?>
I revised some of your code this should work. You had a bunch of little errors. I suggest you read a couple tutorials on just connecting and the syntax of php.
Here is some really basic examples of connecting to a database:
http://www.w3schools.com/php/php_mysql_connect.asp
Also once you get the hang of it here is a really good tutorial to teach you the OOP way of creating a class for a database:
http://net.tutsplus.com/tutorials/php/real-world-oop-with-php-and-mysql/
As far as I see this is not an ini issue. I hope this helps.
<?php
//Set your variables
$host = "127.0.0.1";
$username = "username";
$password = "password";
$database = "database1";
$table = "users";
//Make your connection to database
$con = mysql_connect($host,$username,$password);
//Check your connection
if (!$con) {
die("Could not connect: " . mysql_error());
}
//Select your database
$db_selected = mysql_select_db($database, $con);
//Check to make sure the database is there
if (!$db_selected) {
die ('Can\'t use the db : ' . mysql_error());
}
//Run query
$result = mysql_query("INSERT INTO $table(name,email,password) VALUES('$_POST[name]','$_POST[email]','$_POST[password]'");
//Check Query
if (!$result) {
die("lid query: " . mysql_error());
}
echo "Data inserted";
mysql_close($con);
?>
First, why do you have <br/> in your PHP statements? Remove all those.
Also, you have to use PDO or mysqli_ instead of the mysql_ library, mysql_ is deprecated.
Pretty simple stuff, I know, but am getting an error
<?php
session_start();
$dbhost = "###"; // this will ususally be 'localhost', but can sometimes differ
$dbname = "###"; // the name of the database that you are going to use for this project
$dbuser = "###"; // the username that you created, or were given, to access your database
$dbpass = "###"; // the password that you created, or were given, to access your database
mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error());
mysql_select_db($dbname) or die("MySQL Error: " . mysql_error());
mysql_select_db("###", $con);
$safe_email = mysql_real_escape_string($_POST['email']);
$sql="INSERT INTO register (email) VALUES ('{$safe_email}')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "1 record added";
mysql_close($con)
?>
$con is not defined anywhere in your code, before you use it in the query call. You should have:
$con = mysql_connect(...) or die(mysql_error());
Beyond that, your code is WIDE open to SQL injection attacks. You should have:
$safe_email = mysql_real_escape_string($_POST['email']);
$sql="INSERT INTO register (email) VALUES ('{$safe_email}')";
Assuming the following:
You don't have a lot of experience with PHP
The information that has been provided to you is correct
This is an example script and you know the values that need to be substituted for $dbname, $dbhost, $dbuser and $dbpass
Please try the following and report back if you get any output at all to screen:
<?php
session_start();
print "Connecting and inserting email: ".$_POST['email']."...";
$dbhost = "###"; // this will ususally be 'localhost', but can sometimes differ
$dbname = "###"; // the name of the database that you are going to use for this project
$dbuser = "###"; // the username that you created, or were given, to access your database
$dbpass = "###"; // the password that you created, or were given, to access your database
$con = mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error());
mysql_select_db($dbname) or die("MySQL Error: " . mysql_error());
$safe_email = mysql_real_escape_string($_POST['email']);
$sql="INSERT INTO register (email) VALUES ('{$safe_email}')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
print "success! Inserted email with row id: ".mysql_insert_id();
mysql_close($con)
?>
this may just be me but you should but strings on a single line or use the concatenation (.) for the strings
$sql="INSERT INTO register (email) VALUES ('$_POST[email]')";
Other than that you should clean the information before adding it into the database otherwise your asking for sql injection attacks.
now to the actual problem. your using a variable that is undefined called conn. i am assuming your referencing the connection made, but you never set that variable to the connection like so
$conn = mysql_connect($dblocal,$dbuser,$dbpass) or die(xxx);