Asked  7 Months ago    Answers:  5   Viewed   62 times

this script works fine on Local Host and Other free Hosting but not on "host Gator "it should be " PHP.ini " Any Help !?!?

function.php

<?php
    date_default_timezone_set("America/Chicago");
    echo date("Y/m/d H:i:s");
function consql($con){
    $con=mysqli_connect("host","BDusername","DBPassWord","DB") or die( mysqli_error($con));}
?>

index.php

line #1 "Very top "

<?php
SESSION_START();
require_once"inc/function.php";
consql($con);
?>

line#12

  <?php
    if(isset($_SESSION['user']))
    {
        header("location:users.php");
    }
    elseif(isset($_POST['submit']))
    {
        $result=mysqli_query("select user_id,password from user_login where name='$_POST[username]'")     or die(mysqli_error($con)); // ** line # 19 ** //
        $n=mysqli_fetch_assoc($result);
        if($n['password']!=$_POST['userpassword'])
        {
          echo "user name or password wrong";
        }
        else
        {
          echo "you loged in as $_POST[username]";
          $_SESSION['user']=$n['user_id'];
          header("location:users.php");
        }
    }
    else 

I'm new to mysqli and looked up here for same error but didn't get the point on most of them.

 Answers

61

You can use

function consql(&$con){
  $con=mysqli_connect("host","BDusername","DBPassWord","DB") or die( mysqli_error($con));
}

So this is call by reference and $con can use at any page once you call the function

Or use global $con; before the connection line

Saturday, May 29, 2021
 
CodeCaster
answered 7 Months ago
61

Here's the proper way to do things:

<?PHP
$sql = 'some query...';
$result = mysql_query($q);

if (! $result){
   throw new My_Db_Exception('Database error: ' . mysql_error());
}

while($row = mysql_fetch_assoc($result)){
  //handle rows.
}

Note the check on (! $result) -- if your $result is a boolean, it's certainly false, and it means there was a database error, meaning your query was probably bad.

Wednesday, March 31, 2021
 
JackTheKnife
answered 9 Months ago
25

Instead of

$date_parts1=explode($dformat, $beginDate);
$date_parts2=explode($dformat, $endDate);
$start_date=gregoriantojd($date_parts1[0], $date_parts1[1], $date_parts1[2]);
$end_date=gregoriantojd($date_parts2[0], $date_parts2[1], $date_parts2[2]);

try this

$date_parts1=strptime($beginDate, 'dd/mm/YYYY');
$date_parts2=strptime($endDate, 'dd/mm/YYYY');
$start_date=gregoriantojd($date_parts1['tm_mday'], $date_parts1['tm_mon'], $date_parts1['tm_year']);
$end_date=gregoriantojd($date_parts2['tm_mday'], $date_parts2['tm_mon'], $date_parts2['tm_year']);

It's a bit longer, but strptime is specifically for turning formatted date strings into an array of named pieces.

Saturday, May 29, 2021
 
tadman
answered 7 Months ago
39

yo need create the user "pma" in mysql or change this lines(user and password for mysql):

/* User for advanced features */
$cfg['Servers'][$i]['controluser'] = 'pma'; 
$cfg['Servers'][$i]['controlpass'] = '';

Linux: /etc/phpmyadmin/config.inc.php

Tuesday, July 13, 2021
 
ShadowZzz
answered 5 Months ago
36

This is how your code should look (with added SQL Injection protection):

<?php
include "dbinfo.php"; //contains mysqli_connect information (the $mysqli variable)
//inputs
$name = mysqli_real_escape_string($_GET['name']);
$text = mysqli_real_escape_string($_GET['text']);

$sqlqr = "INSERT INTO `ncool`.`coolbits_table` (`name`, `text`, `date`) VALUES ('" . $name . "', '" . $text . "', CURRENT_TIMESTAMP);";

mysqli_query($mysqli,$sqlqr); //function where the magic happens.
?>

Take a look at what I've done. Firstly I've escaped the user input you're retrieving into the $name and $text variables (this is pretty much a must for security reasons) and as others have suggested you should preferably be using prepared statements.

The problem is that you weren't surrounding string values with single quotes ('), which is a requirement of the SQL syntax.

I hope this helps to answer your question.

Thursday, September 2, 2021
 
Pachvarsh
answered 3 Months ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :
 
Share