Asked  7 Months ago    Answers:  5   Viewed   23 times

I've a website designed in php with mysqli (mysql - improved) extension. The phpinfo() page shows this:

./configure --disable-fileinfo --disable-phar --enable-bcmath --enable-calendar --enable-ftp --enable-gd-native-ttf --enable-libxml --enable-magic-quotes --enable-mbstring --enable-pdo=shared --enable-soap --enable-sockets --enable-wddx --enable-zend-multibyte --enable-zip --prefix=/usr --with-bz2 --with-curl=/opt/curlssl/ --with-curlwrappers --with-freetype-dir=/usr --with-gd --with-imap=/opt/php_with_imap_client/ --with-imap-ssl=/usr --with-jpeg-dir=/usr --with-kerberos --with-libdir=lib64 --with-libexpat-dir=/usr --with-libxml-dir=/opt/xml2 --with-libxml-dir=/opt/xml2/ --with-mcrypt=/opt/libmcrypt/ --with-mysql=/usr --with-mysql-sock=/var/lib/mysql/mysql.sock --with-mysqli=/usr/bin/mysql_config --with-openssl=/usr --with-openssl-dir=/usr --with-pcre-regex=/opt/pcre --with-pdo-mysql=shared --with-pdo-sqlite=shared --with-pic --with-png-dir=/usr --with-pspell --with-sqlite=shared --with-tidy=/opt/tidy/ --with-xmlrpc --with-xpm-dir=/usr --with-xsl=/opt/xslt/ --with-zlib --with-zlib-dir=/usr

Does this mean that mysqli extension is enabled in this configuration?



Should the mysqli extension be enabled then on the very same phpinfo page a "MysqlI Support | enabled" table header should appear. Look for that:

enter image description here

If you want to find out in a script, look for a function specific for mysqli like mysqli_connect() and than check if it exists:


If this outputs FALSE, then it does not exists and it's highly likely that you can not use the module.

Wednesday, March 31, 2021
answered 7 Months ago

You can use

function consql(&$con){
  $con=mysqli_connect("host","BDusername","DBPassWord","DB") or die( mysqli_error($con));

So this is call by reference and $con can use at any page once you call the function

Or use global $con; before the connection line

Saturday, May 29, 2021
answered 5 Months ago

yo need create the user "pma" in mysql or change this lines(user and password for mysql):

/* User for advanced features */
$cfg['Servers'][$i]['controluser'] = 'pma'; 
$cfg['Servers'][$i]['controlpass'] = '';

Linux: /etc/phpmyadmin/

Tuesday, July 13, 2021
answered 4 Months ago

Find the folder you installed PHPUnit in. There should be a file called phpunit.bat. It should have a line that reads something like

set PHPBIN="C:phpphp.exe"
%PHPBIN% "C:phpphpunit" %*

Change it to read

set PHPBIN="C:xamppphpphp.exe"
%PHPBIN% "C:xamppphpphpunit" %*

Or whatever the path to your PHP executable is

Friday, August 13, 2021
answered 3 Months ago

This is how your code should look (with added SQL Injection protection):

include "dbinfo.php"; //contains mysqli_connect information (the $mysqli variable)
$name = mysqli_real_escape_string($_GET['name']);
$text = mysqli_real_escape_string($_GET['text']);

$sqlqr = "INSERT INTO `ncool`.`coolbits_table` (`name`, `text`, `date`) VALUES ('" . $name . "', '" . $text . "', CURRENT_TIMESTAMP);";

mysqli_query($mysqli,$sqlqr); //function where the magic happens.

Take a look at what I've done. Firstly I've escaped the user input you're retrieving into the $name and $text variables (this is pretty much a must for security reasons) and as others have suggested you should preferably be using prepared statements.

The problem is that you weren't surrounding string values with single quotes ('), which is a requirement of the SQL syntax.

I hope this helps to answer your question.

Thursday, September 2, 2021
answered 2 Months ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :