I am working on a project, and I am getting undefined errors for $host, $dbname, $user, and $pass.
But the errors only occur when those are inside of the dbConnect() function.
Here's the code (upload.php):
<?php
error_reporting(E_ALL);
require('config.php');
$filename = htmlentities($_FILES['file']['name']);
$tmpname = $_FILES['file']['tmp_name'];
$filesize = $_FILES['file']['size'];
$filetype = $_FILES['file']['type'];
function dbConnect() {
try {
global $dbcon;
$dbcon = new PDO("mysql:host=$host;dbname=$dbname", $user, $pass);
}
catch (PDOException $e) {
echo $e->getMessage();
}
}
if (dbConnect()) {
print('worked');
}
config.php:
<?php
global $host, $user, $pass, $dbname;
$host = "localhost"; // MySQL Hostname
$user = "root"; // MySQL User
$pass = "mypass"; // MySQL Password
$dbname = "files";
You need to pass the variables into the function as parameters. Variables declared outside a function are not available inside that function:
function dbConnect($user, $pass, $host, $dbname) {
try {
global $dbcon;
$dbcon = new PDO("mysql:host=$host;dbname=$dbname", $user, $pass);
}
# ...
Read more about Variable Scope in PHP.
I would suggest that you use an array to store your connection string info.
First, create a function in your config.php page that returns the necessary DB connection string info. To use, you would simply declare a variable within upload.php of $dbconfig that stores the values returned from the loadDBConfig() function in your config.php file. You will then execute the dbConnect() function by declaring your $dbcon variable and setting the value to dbConnect(). This will return the result of your function to the variable, which you can then check for the desired result.
This solution removes the need for global variables and improves the organization.
Note: Your entire DB interaction should technically be moved to a class for improved portability.
upload.php:
...
function dbConnect() {
$dbconfig = loadDBConfig();
try {
$dburl = "mysql:host=" . $dbconfig['host'] . ";dbname=" . $dbconfig['dbname'];
return new PDO($dburl, $dbconfig['user'], $dbconfig['pass']);
} catch (PDOException $e) {
echo $e->getMessage();
}
}
$dbcon = dbConnect();
...
config.php:
<?php
function loadDBConfig(){
$host = "localhost"; // MySQL Hostname
$user = "root"; // MySQL User
$pass = "mypass"; // MySQL Password
$dbname = "files";
return array('host' => $host, 'user' => $user, 'pass' => $pass, 'dbname' => $dbname);
}
?>
You need to declare those vars GLOBAL inside dbConnect too.
function dbConnect() {
try {
global $dbcon;
global $host, $user, $pass, $dbname;
$dbcon = new PDO("mysql:host=$host;dbname=$dbname", $user, $pass);
}
catch (PDOException $e) {
echo $e->getMessage();
}
}
EDIT
Yes, globals aren't a really good idea - they hinder code reuse and "pollute" the namespace, you never known which variables are there and which aren't, and risk changing a variable which was used somewhere else.
A better way to approach the problem would be to pass the required information as "parameters". The same applies to the return value, which could be a resource (if everything went well) or a string representing an error message.
function dbConnect($host, $dbname, $user = 'nobody', $pass = '') {
try {
return new PDO("mysql:host=$host;dbname=$dbname", $user, $pass);
}
catch (PDOException $e) {
return $e->getMessage();
}
}
You would call such a function passing the parameters and checking its output, which if everything went well, is expected to be an object:
if (!is_object($conn = dbConnect($host, $dbname, $user, $pass) {
die("There was an error: $conn");
}
Another advantage of parameters is that you can have default values for parameters (e.g., if you wrote dbConnect($host, $dbname), the function would "understand" and use 'nobody' and an empty password for the remaining parameters).
Related
I am trying to use connect to database, however I get this error, I am running this on php terminal.
I checked out other sources as well like this one but didn't have the answer I was looking for
Any suggestions or best practices ?
SQLSTATE[HY000] [2002] Connection refusedsomething went wrong
Db.php
<?php
error_reporting(-1);
class Db{
private $db_host;
private $db_user;
private $db_name;
private $db_pass;
public function __construct()
{
$this->db_host = "127.0.0.1";
$this->db_user = "root";
$this->db_pass = "";
$this->db_name = "eli9";
try{
$pdo = new PDO("mysql:host=127.0.0.1;dbname=eli9", $this->db_user, $this->db_pass);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
echo "connected sucessfully \n";
}
catch(PDOexception $e){
echo $e->getMessage();
echo "something went wrong \n";
}
}
}
index.php
<?php
require_once 'Db.php';
$db = new Db();
With the help of #addie code, i was able to find the problem, and it was the following
1) i originally was not using a port number
2) i changed the port number to 8889 instead of 3306
so here is the final code for Db.php
<?php
error_reporting(-1);
class Db{
private $db_host;
private $db_user;
private $db_name;
private $db_pass;
public function __construct()
{
$this->db_host = "127.0.0.1";
$this->db_user = "root";
$this->db_pass = "root";
$this->db_name = "eli9";
try {
$db = new PDO("mysql:host=127.0.0.1;port=8889,dbname=eli9", 'root', 'root');
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);
echo "connected";
}
catch (PDOException $e){
echo $e->getMessage();
}
}
}
Thank you #addie, but my pervading question is why do i need to include the port in the pdo if that is not the php manual ?
try this, works for me
$pdo = new PDO("mysql:host=$this->db_host;dbname=$this->db_name", $this->db_user, $this->db_pass);
you set variable into $this->db_host = "127.0.0.1" but didn't use into connection
try this without class till you get connected and use $db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING); to check if there any error
also try port 8889
try {
$db = new PDO("mysql:host=127.0.0.1;port=3306,dbname=eli9", 'root', '');
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);
echo "connected";
}
catch (PDOException $e){
echo $e->getMessage();
}
I'm using this same block of code in numerous PHP files and sometimes in the same PHP file (e.g., when there's an if/else. I know there's a better way, but I'm not quite sure how to do it. I want to replace this big block with something, but not sure what fits. require maybe?
$hostname = 'localhost';
$database = 'dev_testing';
$username = 'root';
$password = 'XXXXXX';
$dbh = new PDO("mysql:host=$hostname;dbname=$database", $username, $password);
$dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
The answers by #maalls and #TahaPaksu are good, but #marcB's comment is even better: usually you'd want to connect to the database only once per script execution. I don't want to kick you right in the direction of dependency injection, but as an intermediate solution, I'd like to suggest this class, which looks roughly like a singleton, but is actually the Memoization pattern implementation (see also PHP Design Patterns for other pattern examples).
Anyway: the code:
class Database() {
static private $connection = null;
public static function getConnection() {
if (static::$connection === null) {
$hostname = 'localhost';
$database = 'dev_testing';
$username = 'root';
$password = 'XXXXXX';
$dbh = new PDO("mysql:host=$hostname;dbname=$database", $username, $password);
$dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
static::$connection = $dbh;
}
return static::$connection;
}
}
In your script you can call it using
$dbh = Database::getConnection();
You can call that line as often as you like but it will only connect to the database the first time it's called for that script. Subsequent calls will just return the same connection. This will save quite some overhead on your database.
Create a separate file (for ex. "connection.php"), put the code in it, and everywhere you need it, include the following at the begining of your code:
require_once('connection.php');
you can use a global function which you include in top of your php files:
require_once("db.php");
file db.php:
function db_connect(){
$hostname = 'localhost';
$database = 'dev_testing';
$username = 'root';
$password = 'XXXXXX';
$dbh = new PDO("mysql:host=$hostname;dbname=$database", $username, $password);
$dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
return $dbh;
}
and in your files:
$dbh = db_connect();
...
// don't forget to close db before you open a new connection!
$dbh = null;
I am trying to insert into a database through PHP. However, when I connect to the PHP file I get server 500 error. Would anyone be able to spot what I am doing wrong?
<?php
include 'db-security.php';
function db_login()
{
$userName = filter_input(INPUT_POST, "userName");
$password = filter_input(INPUT_POST, "password");
//binding the variable to sql.
$statement = $link->prepare("INSERT INTO user(username, password)
VALUES($userName, $password)");
//execute the sql statement.
$statement->execute();
}
db_login();
?>
Updated:
I have discovered the error occurs when i add filer_input or $_post to the php.
<?php
include 'db-security.php';
function db_login() {
global $conn;
// use my eaxmple to filter input to get the data out of the form, because security.
//$userName = filter_input(INPUT_POST, "userName");
$userName = $_POST['userName'];
$password = $_POST['password'];
//$password = filter_input(INPUT_POST, "password");
//binding the variable to sql.
$stmt = $conn->prepare("INSERT INTO user(username, password)VALUES(:usrname, :pswd)");
$stmt->bindParam(':pswd', $password);
$stmt->bindParam(':usrname', $userName);
$stmt->execute();
//execute the sql statement.
}
db_login();
?>
db-security.php
<?php
include_once 'conf.php';
function db_connect() {
// Define connection as a static variable, to avoid connecting more than once
static $conn;
// Try and connect to the database, if a connection has not been established yet
if(!isset($conn)) {
// Load configuration as an array. Use the actual location of your configuration file
try
{
$conn = new PDO("mysql:host=localhost;port=3307;dbname=database", DB_USERNAME,DB_PASSWORD);
// stores the outcome of the connection into a class variable
$db_msg = 'Connected to database';
}
catch(PDOException $e)
{
$conn = -1;
$db_msg = $e->getMessage();
}
//$conn = new PDO(DB_HOST,DB_USERNAME,DB_PASSWORD , MAIN_DB);
}
}
db_connect();
?>
Where is $link defined? In 'db-security.php'? If yes then you have a variable scope problem. Just pass $link in the function call. This would have to be done for all functions.
define function as = function db_login($link)
call function like = db_login($link);
EDIT:
Don't use a function for 'db-security.php' it should be like this:
<?php
$conn = new PDO('mysql:host=localhost;dbname=testdb;charset=utf8', 'username', 'password');
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
?>
This is not complete code, just a sample. Now $conn is in the global variable scope and using global in the functions will work. Or just pass $conn to the function and not use global at all.
EDIT2:
Below are the working sample scripts. You need to change some information to match your setup. I'm not sure why the function is called db_login() since the function actually adds the user/password into the 'user' table.
conf.php
<?php
define('DB_USERNAME', 'test');
define('DB_PASSWORD', '123456');
?>
db-security.php
<?php
include_once 'conf.php';
try
{
$conn = new pdo("mysql:host=localhost; dbname=test; charset=utf8", DB_USERNAME, DB_PASSWORD);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);
$conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
}
catch(PDOException $e)
{
die('Unable to connect to database!');
}
?>
main script
<?php
include 'db-security.php';
function db_login()
{
global $conn;
$userName = $_POST['userName'];
$password = $_POST['password'];
$stmt = $conn->prepare("INSERT INTO user(username, password) VALUES(:usrname, :pswd)");
$stmt->bindParam(':usrname', $userName);
$stmt->bindParam(':pswd', $password);
$stmt->execute();
}
db_login();
?>
So you need to bind your parameters after prepare statement
$stmt = $link->prepare("INSERT INTO user(username, password)VALUES(:usrname, :pswd)");
$stmt->bindParam(':pswd', $password);
$stmt->bindParam(':usrname', $userName);
$stmt->execute();
I have been looking at your code and I would advice you to try a different approach. I've been wrapping my head around this subject for a while when learning PHP. Best advice i've had is that you can best try when fetching information from the DB is using a try/catch statement everytime. Sounds annoying or problematic but it easy to overlook and well written maintained code because you know every try catch block will execute or catch the error atleast.
With PDO being one of the best solutions because it can connect with multiple databases the best way to execute getting information from the Database is this:*
I am gonna give you my example of something i wrote. I don't want to write it all out in your situation because i feel that's something you can better do to learn what went wrong and i hope this gives you a step in the right direction.
database.php
$serverName = "";
$dbName = "";
$userName = "";
$password = "";
try {
$db = new PDO("mysql:host=$serverName;dbname=$dbName", $userName, $password);
// Set the PDO error mode to exception
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("SET NAMES 'utf8'");
}
catch(PDOException $e){
echo"Connection failed: " . $e->getMessage();
exit;
}
?>
index.php Executing a simple commmand get firstName from employers
<?php
require_once 'database.php';
try
{
$sQuery = "
SELECT
firstName
FROM
employees
";
$oStmt = $db->prepare($sQuery);
$oStmt->execute();
while($aRow = $oStmt->fetch(PDO::FETCH_ASSOC))
{
echo $aRow['firstName'].'<br />';
}
}
catch(PDOException $e)
{
$sMsg = '<p>
Regelnummer: '.$e->getLine().'<br />
Bestand: '.$e->getFile().'<br />
Foutmelding: '.$e->getMessage().'
</p>';
trigger_error($sMsg);
}
?>
Good luck and i hope my index.php is helpful in showing you how I find is the best way momentarily to talk to the database.
I am new to PHP and need to modify some code in order to compile with my Microsoft SQL Server. The original code is like this. I downloaded it from usercake
<?php
/*
UserCake Version: 2.0.2
http://usercake.com
*/
//Database Information
$db_host = "localhost"; //Host address (most likely localhost)
$db_name = "202"; //Name of Database
$db_user = "202"; //Name of database user
$db_pass = "password"; //Password for database user
$db_table_prefix = "uc_";
GLOBAL $errors;
GLOBAL $successes;
$errors = array();
$successes = array();
/* Create a new mysqli object with database connection parameters */
$mysqli = new mysqli($db_host, $db_user, $db_pass, $db_name);
GLOBAL $mysqli;
if(mysqli_connect_errno()) {
echo "Connection Failed: " . mysqli_connect_errno();
exit();
}
//Direct to install directory, if it exists
if(is_dir("install/"))
{
header("Location: install/");
die();
}
?>
I already installed sqlsrv and tested the link. It works with my database. Then I changed the code to this:
<?php
//Database Information
$server = "servername";
$connectionInfo = array("Database"=>"databasename","UID"=>"xxxxxx", "PWD"=>"xxxxxx" );
$db_table_prefix = "uc_";
GLOBAL $errors;
GLOBAL $successes;
$errors = array();
$successes = array();
/* Create a new sqlsrv object with database connection parameters */
$mssqlsrv = new sqlsrv($server, $connectionInfo);
GLOBAL $mssqlsrv;
if(sqlsrv_connect_errno()) {
echo "Connection Failed: " . sqlsrv_connect_errno();
exit();
}
//Direct to install directory, if it exists
if(is_dir("install/"))
{
header("Location: install/");
die();
}
?>
I get the following error message:
Fatal error: Class 'mssql' not found in
I think this line is the problem:
$mssqlsrv = new sqlsrv($server, $connectionInfo);
But I do not know how to fix this.
I would use PDO in this case: http://www.php.net/manual/en/pdo.construct.php
You can create a DSN connection to SQL Server
$dsn = "sqlsrv:Server=servername;Database=databasename"
$user = 'dbuser';
$password = 'dbpass';
try {
$dbh = new PDO($dsn, $user, $password);
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
The information to connect to SQL server is available here: http://www.php.net/manual/en/ref.pdo-sqlsrv.connection.php
<?php
$dbtype = 'mysql';
$mysql_host = "localhost";
$mysql_database = "mydb";
$mysql_user = "root";
$mysql_password = "";
try {
$db = new PDO ( $dbtype . ':host=' . $mysql_host . ';dbname=' . $mysql_database, $mysql_user, $mysql_password, array (PDO::ATTR_PERSISTENT => true ) );
return $db;
} catch ( PDOException $e ) {
return false;
}
?>
Above are my db.php
<?php
require db.php";
...
global $db;
$stmt = $db->prepare ( "INSERT INTO quote (title, contactname) VALUES (:a, :b);" );
I actually able to run it properly under my IDE (ZendStudo wamp server) but once i upload to host server i got this error. Anybody facing the same problem before can guide me how to fix?
There can me many reasons, but one obivious is that is you had a PDOException, then $db == false, which would explain the error message.
Try to check if $db is correctly set as a PDO or false.
PDO does not throw exceptions unless you explicitly instruct it to do so:
$db = new PDO(...);
$db ->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);