Simple php/mysql not working - php

I have the following in a php script.All I get is a blank page, no errors or nothing.
error_reporting(E_ALL);
ini_set("display_errors", 1);
$database = "mydatabase";
$con = mysql_connect("localhost", "admin", "password") or die(mysql_error());
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
$db = mysql_select_db($database);
if(!$db){
die('Could not connect: ' . mysql_error());
}
if(isset($_POST['id'])){
$userid = mysql_real_escape_string($_POST['id']);
echo($userid);
}
if(isset($_POST['name')){
$username = mysql_real_escape_string(htmlentities($_POST['name']));
echo($username);
}
$query = mysql_query("SELECT * FROM userinfo
WHERE userid ='$userid'")or die(mysql_error());
if(mysql_num_rows($query) > 0){
echo "yeah";
}else{
$query = mysql_query("INSERT INTO userinfo (username,userid)
VALUES ($username,$userid)")or die(mysql_error());
if(mysql_affected_rows($query)== 1){
echo "UPDATED";
}else{
echo "NOPE";
}
}

You should format your code better. Also you where missing a close ] bracket on this line, if (isset($_POST['Name')) {
<?php
error_reporting(E_ALL);
ini_set("display_errors", 1);
$database = "mydatabase";
$con = mysql_connect("localhost", "admin", "password") or die(mysql_error());
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
$db = mysql_select_db($database);
if(!$db)
{
die('Could not connect: ' . mysql_error());
}
if(isset($_POST['id']))
{
$userid = mysql_real_escape_string($_POST['id']);
echo($userid);
}
if(isset($_POST['name']))
{
$username = mysql_real_escape_string(htmlentities($_POST['name']));
echo($username);
}
$query = mysql_query("SELECT * FROM userinfo WHERE userid ='$userid'")or die(mysql_error());
if(mysql_num_rows($query) > 0)
{
echo "yeah";
}
else
{
$query = mysql_query("INSERT INTO userinfo (username,userid) VALUES ($username,$userid)")or die(mysql_error());
if(mysql_affected_rows($query)== 1)
{
echo "UPDATED";
}
else
{
echo "NOPE";
}
}
?>

You also have an error in your SQL:
INSERT INTO userinfo (username,userid)
VALUES ($username,$userid)
The values here should be quoted:
INSERT INTO userinfo (username,userid)
VALUES ('$username', '$userid')

Related

PHP and SQL -- Select from database

I have a problem with this code. It has syntax error and I don't know what is it.
<?php
$host = 'localhost';
$user = 'root';
$pass = '';
$db = 'id1381007_accounts';
$conn = new mysqli($host,$user,$pass,$db) or die($mysqli->error);
if (!$conn) {
die('Could not connect: ' . mysql_error());
$sql = 'SELECT id FROM users WHERE email=\"donat12#icloud.com\"';
echo $sql;
?>
There are some issue with the code. First you forgot to close the if condition over here
if (!$conn) {
And then you forgot to execute the sql query
the complete code would be like
<?php
$host = 'localhost';
$user = 'root';
$pass = '';
$db = 'id1381007_accounts';
$conn = new mysqli($host,$user,$pass,$db) or die($mysqli->error);
if (!$conn) {
die('Could not connect: ' . mysql_error());
}
$sql = 'SELECT id FROM users WHERE email=\"donat12#icloud.com\"';
if ($result = $conn->query($sql)) {
while ( $row = $result->fetch_assoc()) {
$data[] = $row;
}
echo "<pre>";
print_r($data);
echo "</pre>";
}
$conn->close();
?>
There are two errors
You are missing } closing bracket after die
Mysql query is wrong.
So the code should be
if (!$conn) {
die('Could not connect: ' . mysql_error());
}
$sql = 'SELECT id FROM users WHERE email="donat12#icloud.com"';
echo $sql;

Checking if username is available

I am trying to check if the username is available before i insert into the table.
But it seems to insert into the table no matter if the username already exists.
Here is my php code:
<?php
session_start();
define('DB_NAME', 'madsanker_dk_db');
define('DB_USER', 'madsanker_dk');
define('DB_PASSWORD', 'myPassword');
define('DB_HOST', 'mysql43.unoeuro.com');
$link = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link) {
die('Could not connect: ' .mysqli_error());
}
$db_selected = mysqli_select_db( $link, DB_NAME);
if (!$db_selected) {
die('Could not connect: ' .mysqli_connect_error());
}
$username = $_POST['username'];
$password = $_POST['password'];
$name = $_POST['name'];
$email = $_POST['email'];
$username = mysqli_real_escape_string($link,$username);
$password = mysqli_real_escape_string($link,$password);
$name = mysqli_real_escape_string($link,$name);
$email = mysqli_real_escape_string($link,$email);
$password = md5($password);
$sql = "SELECT * FROM mainLogin WHERE username = '$username'";
$result = mysqli_query($link, $sql);
$count = mysqli_num_rows($result);
if($count > 0) {
$sql = "INSERT INTO mainLogin (username, password, name, email) VALUES ('$username', '$password', '$name','$email' )";
$result = mysqli_query($link, $sql);
if (!$result) {
die('Error: ' . mysqli_error($link));
}else {
$_SESSION['login'] = $username;
echo "<script>window.location = 'http://madsanker.dk.linux101.unoeuro-server.com'</script>";
}
}else {
echo "username taken";
}
mysqli_close($link);
?>
What am I doing wrong?
just change the greater sign in your if statement from ">" to ==0
if($count==0){
}
If username already in db than change this condition:
if($count > 0) { 
//your stuff
}
With:
if($count <= 0) { // if not found
//your stuff
}

MySQL won't update with URL variable

I'm having troubles getting my code to work properly. If I type it into phpMyAdmin it works, but when I try it in the code, it doesn't update the database.
<?php
$con = mysql_connect("SERVER","USER","PASSWORD");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("DATABASE", $con);
$sp=mysql_real_escape_string($_GET['file']);
$query = "UPDATE TDB SET WEIGHT=100000 WHERE PATH='$sp'";
mysql_close($con);
?>
Try out this code snippet and see how you get on.
<?php
$con = mysql_connect("SERVER","USER","PASSWORD");
if (!$con) {
die('Could not connect: ' . mysql_error());
} else {
mysql_select_db("DATABASE", $con);
$sp=mysql_real_escape_string($_GET['file']);
$query = "UPDATE TDB SET WEIGHT=100000 WHERE PATH='$sp'";
$result = mysql_query($query);
mysql_close($con);
}
?>
I would recommend doing it this way as mysql is no longer supported by PHP.
<?php
$mysqli = new mysqli("localhost", "user", "password", "database");
if (!$mysqli) {
die('Could not connect: ' . $mysqli->connect_error);
} else {
$sp = $mysqli->real_escape_string($_GET['file']);
$query = "UPDATE TDB SET WEIGHT=100000 WHERE PATH='$sp'";
$mysqli->query(query);
$mysqli->close();
}
?>
You're not EXECUTING your query. You're just defining a string that happens to contain some SQL, e.g.
$sql = "blah blah blah";
$result = mysql_query($sql) or die(mysql_error()); <--forgot this
<?php
$con = mysql_connect("SERVER","USER","PASSWORD");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("DATABASE", $con);
$sp=mysql_real_escape_string($_GET['file']);
$sql = "UPDATE TRACKDB SET WEIGHT=100000 WHERE PATH='$sp'";
$result = mysql_query($sql) or die(mysql_error());
mysql_close($con);
?>

PHP SESSION will not be set by value from DB

Problem: I have built an login system and it works fine on my localhost.
Localhost: Here it works.
FTP-server: Here it's not working.
I've tried to fix this for 7 hours now.
$_POST is getting the value, if I set a $_SESSION it also shows the value.
DB info is correct.
I think the problem is when connecting to DB to get values. Where I did wrong I do not know, as above tried to fix this for a long time now.
Login file:
<?php
ini_set("default_charset","iso-8859-1");
session_start();
require_once("db_config.php");
echo $_SESSION['USER_ID']." - ";
if(!empty($_POST['username']) AND !empty($_POST['password'])) {
$username_db = $_POST['username'];
$password_db = $_POST['password'];
if(isset($username_db) AND isset($password_db)) {
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
die("Unable to select database");
}
$qry="SELECT * FROM user_table WHERE email='".$username_db."' OR alias='".$username_db."' AND password='".$password_db."' ";
$result=mysql_query($qry);
if (!$result) {
die('Invalid query: ' . mysql_error());
}
while($rows=mysql_fetch_row($result)) {
$_SESSION['USER_ID'] = $rows['id'];
header("Location: index.php");
}
}
}
if(!empty($_SESSION['USER_ID'])) {
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
die("Unable to select database");
}
$qry="SELECT * FROM user_table WHERE id='".$_SESSION['USER_ID']."'";
$result=mysql_query($qry);
if (!$result) {
die('Invalid query: ' . mysql_error());
}
while($rows=mysql_fetch_array($result)) {
header("Location: index.php");
}
}
?>
check if login SESSION is set: I think there is some messed up code here.
<?php
ini_set("default_charset","iso-8859-1");
session_start();
require_once("db_config.php");
if(!empty($_SESSION['USER_ID'])) {
$user_id = $_SESSION['USER_ID'];
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
die("Unable to select database");
}
$qry="SELECT * FROM user_table WHERE id='".$user_id."'";
$result=mysql_query($qry);
if (!$result) {
header("Location: login.php");
die('Invalid query: ' . mysql_error());
}
while($rows=mysql_fetch_array($result)) {
$_SESSION['ALIAS'] = $rows['alias'];
$_SESSION['FIRST_NAME'] = $rows['first_name'];
$_SESSION['LAST_NAME'] = $rows['last_name'];
$_SESSION['EMAIL'] = $rows['email'];
$_SESSION['USER_LEVEL'] = $rows['user_level'];
}
} else { header("Location: login.php"); }
?>

PHP MySQL INSERTING

I have a php with mysql that would insert some data to the database if there isn't the same information
<?php
$id=$_POST['id'];
$guildname=$_POST['guildname'];
$level=$_POST['level'];
$score=$_POST['score'];
$guildmaster=$_POST['guildmaster'];
$con = mysql_connect("localhost", "root", "");
if (!$con)
{die('Could not connect to mysql: ' . mysql_error());}
$mydb = mysql_select_db("gunbound");
if (!$mydb)
{die('Could not connect to database: ' . mysql_error());}
$dup = mysql_query("SELECT Id FROM guildrequest WHERE Id='".$_POST['id']."'");
if(mysql_num_rows($dup) >= 1){
echo '<b>You have already ask for guild request.</b>';
}
else
{
$dup2 = mysql_query("INSERT INTO guildrequest VALUES ('$id', '$guildname', '$level', '$score', '$guildmaster')");
}
Print "<center>You have requested to join the guild.</center>";
mysql_close($con);
?>
but its not adding the record to the database if there isn't a record equal
Nor executing this:
$dup2 = mysql_query("INSERT INTO guildrequest VALUES ('$id', '$guildname', '$level', '$score', '$guildmaster')");
even if the code:
if(mysql_num_rows($dup) >= 1){
says that he can do the action of inserting
please help me
Try this:
<?php
$id=$_POST['id'];
$guildname=$_POST['guildname'];
$level=$_POST['level'];
$score=$_POST['score'];
$guildmaster=$_POST['guildmaster'];
$con = mysql_connect("localhost", "root", "");
if (!$con)
{die('Could not connect to mysql: ' . mysql_error());}
$mydb = mysql_select_db("gunbound");
if (!$mydb)
{die('Could not connect to database: ' . mysql_error());}
$dup = mysql_query("SELECT Id FROM guildrequest WHERE Id='".$_POST['id']."'");
if(mysql_num_rows($dup) >= 1){
echo '<b>You have already ask for guild request.</b>';
}
else
{
$dup2 = mysql_query("INSERT INTO guildrequest VALUES ('$id', '$guildname', '$level', '$score', '$guildmaster')");
return $dup2;
}
Print "<center>You have requested to join the guild.</center>";
mysql_close($con);
?>
I have add return to your else statement. I will execute your $dub2 variable. You could if you want to leave the variable $dub2 out then you will intermediately execute your query. Another way would be to use mysql_execute() function.
This would be a MYSQLI equivalent:
<?php
$id=$_POST['id'];
$guildname=$_POST['guildname'];
$level=$_POST['level'];
$score=$_POST['score'];
$guildmaster=$_POST['guildmaster'];
$host = "hostname";
$user = "username";
$password = "password";
$database = "database";
$con = mysqli_connect($host, $user, $password, $database);
if (!$con)
{die('Could not connect to mysql: ' . mysql_error());}
$dup = "SELECT Id FROM guildrequest WHERE Id='".$_POST['id']."'";
mysqli_query($con, $dup);
if (!$dup)
{die('Could not connect to database: ' . mysql_error());}
if(mysqli_num_rows($dup) >= 1){
echo '<b>You have already ask for guild request.</b>';
}
else
{
$dup2 = "INSERT INTO guildrequest VALUES ('$id', '$guildname', '$level', '$score', '$guildmaster')";
mysqli_query($con, $dup2);
}
Print "<center>You have requested to join the guild.</center>";
mysqli_close($con);
?>

Categories