AdmiralQ

What do you mean “would I accept that from my students?” Who do you think you are talking to me like that? You aren’t my teacher! If you can’t answer without demeaning then don’t answer.

I’m aware I’m using the old mysql. That’s my point. I’m trying to update it. I’ve got a site with 1000+ files and most files have several hundred lines of code. I’ve looked through the documentation for help with syntax and format with this, but I do not understand the way they write it. I always have to google other people’s code to get a complete idea of syntax and format, but this one still eludes me. I just need a simple hand here for updating this one line of code.

I am updating from PHP 5 and MySQL 5 and have gotten the hang of basic queries for INSERT, UPDATE, SELECT, and DELETE. But I cannot seem to get num_rows for work. I’ve looked at several sites for examples, but I can’t seem to make it functional. Below is how I would have written a mysql_num_rows() in the past. I know that it’s been deprecated. I would appreciate it if somebody could show me the current re-write. I also know num_rows seems to be frowned upon but I’ve already got my work cut out for me on the upgrades I have to finish before Monday, Oct 21st, for my students so I’m just needing to understand the current structure. THANK YOU! $query = "SELECT * FROM ember_students WHERE teacher = '$uname'"; $result= $pdo->query($query); $num = mysql_num_rows($result); foreach($result AS $row){ print $row['lname'].", ".$row['fname']."<br>"; }

Nevermind all that. As soon as I switched to YOUR open connection code the script worked. You had given me a sample connection code on another thread last week, but I had already found something that seemed to work. It was obviously seriously flawed. When I switched to yours this problem went away. THANK YOU!

I'm getting the following error messages: Warning: Undefined variable $pdo in /home/jandrews/public_html/admin_authenticate.php on line 12 Fatal error: Uncaught Error: Call to a member function prepare() on null in /home/jandrews/public_html/admin_authenticate.php:12 Stack trace: #0 {main} thrown in /home/jandrews/public_html/admin_authenticate.php on line 12 That's the line with: $stmt = $pdo->prepare($query); <? session_start(); extract($_REQUEST); $fname = ""; $lname = ""; include 'r_open_link.php'; $query = "SELECT * FROM ember_features WHERE id = ?"; $stmt = $pdo->prepare($query); $stmt->execute([4]); $row = $stmt->fetch(); // Testing accurate dB data readout print "<br><br>"; print "First name: ".$row['fname']."<br>"; print "Last name: ".$row['lname']."<br>"; ?> I'm afraid being used to PHP 5 I also suck at understanding defining variables. When I added $pdo = ""; after $lname = ""; the undefined variable error went away but not the other one.

I got that dB open link code from a video on YouTube. I'll make the modifications you mentioned. I'm curious, do you have a preference between the non-prepared and the prepared, because I can follow the logical steps of the unprepared, but the prepared method is bit greek to me. I suspect you're going to tell me the prepared method is better and more secure (of course, because it's the more confusing one to me) so I just need to make myself okay with that. I think I can put it together. It's just so different from what I'm use to. THANK YOU for your response!

Greetings. So I'm coming from the last 12 years using MySQL 5. I'm rewriting my site from scratch and have updated to PHP 8 and MySQL 8. If I could get a couple of examples to query a dB for a single row using PDO and then again using mysqli I would greatly appreciate it. Before now I would have written it as such: $query = "SELECT * FROM ember_features WHERE id = '4'"; $result= mysql_query($query) or die("Could not perform query: ".mysql_error()); $row = mysql_fetch_array(result); I have already successfully opened a link to the dB using: $db_host = "localhost"; $db_name = "jandrews_emberedutech"; $db_username = "********"; $db_pword = "********"; $dsn = "mysql:host=$db_host;dbname=$db_name"; try { $db_connection = new PDO($dsn, $db_username, $db_pword); $db_connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_SILENT); //echo "Connection successful<br>"; } catch (PDOException $error){ echo "Error: ".$error->getMessage()."<br>"; echo "Code: ".$error->getCode()."<br>"; Die("Oops. Something went wrong in the dB."); } So I was hoping to get two working examples from this simple task that I could take and modify for my purposes ... one for the PDO method and the other for the mysqli method. THANK YOU!

Yes, so I understand the error (for whatever reason being HTTP 500) was the result of using antiquated syntax, and that I’m also going to have to re-learn how to interface with a dB using a new syntax. The PDO method mentioned early on got me watching some videos on that which very closely mimic the PDO connection code here. I’ve got quite a bit more PDO videos and research to do in order to rebuild the site, but thank all of you for your patience and input.

I checked the .ini file and both of these settings were set already as default so the http 500 error page seems to be displayed despite those settings. And yes, I created a php page to verify PHP functionality and put the phpinfo() in it to get the configuration display. Your statement that "ALL of the code dealing with data values being put directly into the sql query statements MUST be updated" is very helpful to me as it helps me fundamentally understand I'm just going to have to approach dB queries from different angle. So I guess I have some PDO syntax to learn. I do not mean to sound ungrateful. I've just spent the last 12 years writing code for a massive website which I use to manage and prepare resources for my students, and which they use to access those resources and learn. This website is over 1,000 files large with many files containing several hundred lines of code and some over 1,000 ... so you can see why I've been reluctant to update my PHP and MySQL systems. Doing so is relegating ALL of my code, my tools, and my resources to the ash heap of history. This 2008 Mercedes Benz I've been using (metaphor for my old server and site) has proven to be a POWERFUL tool in my class, but it seems to upgrade to the new 2024 Mercedes Benz is going to take a lot of learning, patience and most of all time. So, as I said up above, I guess I have some PDO syntax to learn.

Okay, I changed the mysql statements to mysqli and received the same message, and yes my old site has been running with PHP 5 for more than a decade, and I’m starting a new server obviously requiring current syntax. So could somebody provide me with current syntax for establishing an open connection? And also, I remember my friend (who set up my last dB for me) having to make some settings changes to make sure that the dB was accessible from everywhere. I tried to read up on this and found that I needed to add an access host as % to allow my students to login and access the dB from anywhere. This is not what I do for a living. I am a Spanish teacher and I use my admittedly limited knowledge to complement my classroom resources. I’m not a mechanic who doesn’t know how the car runs. I’m a teacher who doesn’t know how it runs, so please forgive the lack of knowledge and experience. I’m afraid I don’t know what $pdo is either. Previously it was just a simple process of opening a link to the dB and then sending queries when needed. If that remains the same then I suppose that’s what I need mostly, however, my question about are there any modifications to a dB once it’s first activated that need to be done besides creating the necessary user data.

Okay, let’s start with I know nothing about setting up a MySQL dB. I have used them for years but with a friend having helped me set up my last one literally more than a decade ago. I’ve purchased a new VPS and need the authentication script which I’ve used on my other site to function. Here is the old site’s script: <? $link = mysql_connect("localhost","xxxxxxxx","yyyyyyyy") or die("Could not connect: ".mysql_error()); mysql_select_db("zzzzzzzz")or die("Could not select database: ".mysql_error()); date_default_timezone_set('America/Winnipeg'); ?> x is the username, y is the password, and z is the dB name. This open dB link script works perfectly on my old site. Here is the script for the new site: $link = mysql_connect("localhost","xxxxxxxx","yyyyyyyy") or die("Could not connect: ".mysql_error()); mysql_select_db("zzzzzzzz")or die("Could not select database: ".mysql_error()); date_default_timezone_set('America/Winnipeg'); print "Test Alpha<br>"; As you can see they are practically identical. I’ve got the Test Alpha part in there just to help me verify page load, but the result on Chrome is a page which tells me: This page isn’t working. Emberedutech.com is currently unable to handle this request. HTTP ERROR 500. Other test pages to verify correct nameserver setting work, for example emberedutech.com/test_session1.php. I seem to be at the last step of setting up this website, but I am inexperienced (to say the least) with setting up dB’s. Please help.

I really appreciate all the input here. Let me try to answer as much as I can. So, the server is a VPN which I rent from GoDaddy. I run the WHM and the cPanel, though "run" is probably not the right word. I have little experience with that aspect. So, I have root access. The tmp folder in the root directory does have it's permissions set up properly ... 0755. I changed them to 0777 to see if that would correct the issue and it hasn't. I also attempted to use session_save_path to another folder which I titled "sessions" in my cPanel directory. It ran exactly as it had before. It used the new folder but had the same intermittent issues as had the other folder. If I just sit there and try time and time again to login I get a success rate of about 1 in every 4 or 5 attempts. Each failure is met with the same message that it did not have permission to write to the sessions file. I have a friend helping me who has more experience than I but he is perplexed too. We DID see the session file being written each time whether there was failure or success, but the failure sessions variables contained zero bytes ... were completely empty, whereas the successful ones contained the data you would expect them to have. So in each case it appears the session variable was CREATED, but then the system was denied access to WRITE to it. I have found several other instances online with problems matching this exact description but none of their stated solutions have worked. I have students walk into my classroom in 18 hours. Also, upon further testing I don't believe there's a relationship (as I previously suspected) between the http call and the https one. And, yes, I'm sending sessions_start() before any other coding. The headers to these files are contained in the "include 'r_declaration.php';" statement, and the "include 'r_open_link.php';" is a call to open a link to the dB. And the if/else arguments render the same result because I use to send mobile devices to another page. I haven't deleted the code as I plan on re-implementing this at some point. I just don't get it.

Still getting session errors!

All of the advice above is valuable, and I do plan on upgrading my PHP. I am a much better programmer now than when I started this project 11 years ago. HOWEVER ... Another variable I've noticed has come into play here. I've been getting server generated emails saying "Notification The service "ftpd" appears to be down." If there is intermittent failure of this process could that be causing the session variables not to get written in the tmp folder? Also, I noticed a change in behavior between http calls and https calls. Once I forced http instead of the browser wanting to use https I no longer had the session variable problem ... even if I began switching between the two protocols (http / https). Now I'm really confused!!! AAAUUUGGGHHHH! Below is a simple login script that I wrote to test session function. It worked with http, but when I put in https it gave the error messages without even submitting the form. But now, after having used both https and http it functions either way. It just feels like there's a monkey with a wrench living in my server!!! The kicker is that RIGHT NOW it's all working properly, but 1) I haven't done anything, and 2) how long will it continue to do so since I haven't "fixed" anything, and 3) what's up with that "ftpd" failure message?!?!? and is that ultimately the cause of all of this!!! <? session_start(); extract($_REQUEST); ?> <body bgcolor="000000" style="color: #ffffff;"> <p>Innovative Education Works</p> <form action="index_test2.php" method="post"> Username: <input type="text" name="uname" size="20"><br> Password: <input type="text" name="pword" size="15"><br> <input type="submit"> </form> </body>

Let me start by saying ... I suck. I am a high school Spanish teacher who manages his own WHM, cPanel, and site. I use PHP extensively on my site to create tools for my students. Nothing any one of you would call advanced coding, but I can do some really cool stuff with some really basic PHP and MySQL dB access. All that being said, let's go back to the first thing I said ... I suck. And here's why. I have not upgraded my PHP since version 5.4, and I have long since disabled automatic upgrades. My website is somewhere around 1,100 files which I've been building for the past 11 years and I have a great fear of upgrades to PHP and the truncating of old PHP rendering my site disabled. Imagine the task of going through 1,100 files many of which are several hundred lines of code long and re-coding truncated old PHP code, and then debugging the new code. I LOVE programming in PHP but I fear I'm about to reach a point where because of the age of my code that it won't work anymore. I have built the last ten years of my career as an adaptive and improvisational teacher on this code and website. So, my question is how real is my fear that if I upgrade to PHP 8 that I will encounter problems? You see my code is so old that I'm not even using the new MySQL protocols like "mysqli_query()." I still use "mysql_query()." I understand that there are reasons to start using the new format. I've just got a website full of code whose format is 11 years out of date.

I built a functional login form 11 years ago and it has worked all of that time. My account goes offline for non-payment for a couple of days due to me forgetting to update new payment info after a bank card had been compromised, and suddenly the login script which has been 100% reliable for more than a decade now returns: Warning: session_start(): open(/tmp/sess_{an alphanumeric string}, O_RDWR) failed: Permission denied (13) in /home/jandrews/public_html/admin_authenticate.php on line 2 Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/jandrews/public_html/admin_authenticate.php:2) in /home/jandrews/public_html/admin_authenticate.php on line 2 And then the code returns me to the login page even though the username and password were valid. I wish to emphasize that this code hasn't changed since 2014! It is only in the last week that this problem has presented itself. The WEIRDEST PART OF THIS is that if I try and it fails to let me login, I can quit the browser and try again with about a 20% chance of it then working. You see ... it doesn't fail every time. About 4 out of 5 times. Here is the code for admin_authenticate.php <? session_start(); extract($_REQUEST); include 'r_open_link.php'; $query = "SELECT * FROM inno_school_staff WHERE uname = '$uname' and pword = '$pword'"; $result = mysql_query($query) or die("Could not perform query: ".mysql_error()); $row = mysql_fetch_array($result); $_SESSION['staff']['uname'] = $row['uname']; $_SESSION['staff']['fname'] = $row['fname']; $_SESSION['staff']['lname'] = $row['lname']; $_SESSION['staff']['type'] = $row['type']; $_SESSION['staff']['school']= $row['school_name']; $_SESSION['staff']['email']= $row['email']; $_SESSION['value_m'] = $row['value_m']; $_SESSION['value_p'] = $row['value_p']; $_SESSION['value_d'] = $row['value_d']; $_SESSION['value_b'] = $row['value_b']; if ($_SESSION['staff']['uname'] == ""){ print "<META HTTP-EQUIV=\"Refresh\" content=\"0;URL=admin_login.php?improper=1\">"; print "SEC_VAR: ".$sec_var."<br>"; } else { include 'r_declaration.php'; ?> <link rel="stylesheet" type="text/css" href="ipad_new.css"> <title>Innovative Educaiton Works</title> </head> <body bgcolor="000000" style="color: #ffffff"> <br><br><br> <table align="center"> <tr> <td valign="middle" align="center" height="400" width="600" style="color: white; font-size: 24pt;">Authenticating ...</td> </tr> </table> </body> </html> <? $ip = $_SERVER['REMOTE_ADDR']; $stamp = date("U"); $query = "INSERT INTO inno_login_track_staff (address, uname, lname, fname, stamp) VALUES ('$ip', '".$_SESSION['staff']['uname']."', '".$_SESSION['staff']['lname']."', '".$_SESSION['staff']['fname']."', '$stamp')"; $result= mysql_query($query) or die("Could not perform query: ".mysql_error()); if ($destino == 1){print "<META HTTP-EQUIV=\"Refresh\" content=\"1;URL=admin_panels.php\">";} else {print "<META HTTP-EQUIV=\"Refresh\" content=\"1;URL=admin_panels.php\">";} }?> I double checked my php.ini file and the session save path is correctly listed as tmp. I've never changed it. And permissions are enabled on it for read, write and execute for owner, group and world. I am a high school teacher and I write my own code to use in my classroom. School starts for us on Monday and I am at a complete loss on how this could be happening after 11 years of perfect functionality!!! I will admit that my PHP is very old. I am not good at maintaining the server side, nor with multiple children do I have time to keep up with new iterations of PHP. I know I'm going to pay for that one day, but I do not believe this is a result of that. Thank you for any help, and I can provide further details as needed.

So, I just don't know where to post this question. I've written a quiz program where 50 English vocab words are pulled from a dB and displayed on one page with the order scrambled. My students then type the Spanish translation for each. When they submit the form the next page grades their work. They have to get a 90 or better for the grade to be automatically recorded, so I want them to click the back button and go back and make corrections. The problem is when they use a Chrome browser and click the back button the program re-sorts the order of questions. It leaves the order of their answers the same. So what they answered for number 1 is still in the field for number 1, but the questions (the English vocab word) is different. Chrome does this consistently so I thought this was a Chrome issue only. Then one of my students said the same thing happened to her when using Safari. So here is my question, how can I stop Chrome (or any other browser) from re-running my server-side PHP scripts (re-sorting the vocab array) when clicking the back button? Here is the code for students taking the quiz: <form method="post" action="portal.php?load=vquiz_grade" style="margin-left: 50px; line-height: 30px;"> <table> <? $count = 1; $query = "SELECT * FROM inno_memorize WHERE uname = 'admiralq' AND subject = '$subject' AND title = '$title' ORDER BY subject, title"; $result= mysql_query($query) or die("Could not perform query: ".mysql_error()); while ($row = mysql_fetch_array($result)){ $ans[$count]['def'] = $row['definition']; $ans[$count]['word'] = $row['vocab_word']; $count++; } $max = $count-1; shuffle($ans); $count = 0; while ($count < $max){ // Search for () and eliminate along with contents $loc1 = strpos($ans[$count]['word'], "("); $loc2 = strpos($ans[$count]['word'], ")"); if ($loc1 != "" AND $loc2 != ""){ // string length $length = strlen($ans[$count]['word']); // from loc2 to end $lcount = $length - $loc2; // Dump location points and all text inbetween $ans[$count]['word'] = substr($ans[$count]['word'], 0, ($loc1-1)).substr($ans[$count]['word'], ($loc2+1)); } print "<tr><td>".($count+1).". <textarea id=\"kelp".$count."\" cols=25 rows=1 name=\"answer".$count."\" style=\"resize: none;\" autocomplete=\"off\"></textarea>&nbsp;</td>"; print "<td>".$ans[$count]['def']."</td>"; print "<td><input type=\"hidden\" name=\"correct".$count."\" value=\"".$ans[$count]['word']."\"></td>"; ?> <td> <span style="margin: 0px 0px 20px 50px;"> <button type="button" onclick="insertAtCursor('kelp<?print $count?>', '&aacute;');">&aacute;</button> <button type="button" onclick="insertAtCursor('kelp<?print $count?>', '&eacute;');">&eacute;</button> <button type="button" onclick="insertAtCursor('kelp<?print $count?>', '&iacute;');">&iacute;</button> <button type="button" onclick="insertAtCursor('kelp<?print $count?>', '&oacute;');">&oacute;</button> <button type="button" onclick="insertAtCursor('kelp<?print $count?>', '&uacute;');">&uacute;</button>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <button type="button" onclick="insertAtCursor('kelp<?print $count?>', '&ntilde;');">&ntilde;</button> <button type="button" onclick="insertAtCursor('kelp<?print $count?>', '&iquest;');">&iquest;</button> <button type="button" onclick="insertAtCursor('kelp<?print $count?>', '&iexcl;');">&iexcl;</button>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span> </td> </tr> <? //print "<br>"; $count++; } ?> </table> <input type="hidden" name="max" value="<?print $max?>"> <input type="hidden" name="title" value="<?print $title?>"> <input type="hidden" name="subject" value="<?print $subject?>"> <input type="hidden" name="vlist" value="<?print $vlist?>"> <input type="hidden" name="lname" value="<?print $secure_lname?>"> <input type="hidden" name="fname" value="<?print $secure_fname?>"> <input type="hidden" name="secure_uname" value="<?print $secure_uname?>"> <input type="hidden" name="key_code" value="<?print $key_code?>"> <input type="hidden" name="vocab_quiz" value="1"> <input type="hidden" name="id" value="<?print $id?>"> <input type="submit"> </form> And here is the code showing them what they missed. <? $count = 0; $wcount = 0; $rcount = 0; // Total grade while ($count < $max){ if (trim(strtolower(${'answer'.$count})) == trim(strtolower(${'correct'.$count}))){$rcount++;} else {$wcount++;} $count++; } print "You missed ".$wcount." words.<br>"; $grade = $rcount / ($rcount+$wcount)*100; print "Your grade: ".round($grade)."<br>"; $count = 0; $wrong = 0; print "<table>"; print "<tr><td height=\"10\"></td></tr>"; while ($count < $max){ $tcolor = "0a0a0a"; // Grade response and set color if (trim(strtolower(${'answer'.$count})) == trim(strtolower(${'correct'.$count}))){$tcolor = "ff7777";} else {$tcolor = "000000"; $wrong = 1;} if ($wrong == 1){ print "<tr>"; print "<td>".($count+1).".&nbsp;</td>"; print "<td><span style=\"color: #".$tcolor.";\">".${'answer'.$count}."</span></td>"; print "<td><span style=\"color: #ff5555;\"> - ".${'correct'.$count}."</span></td>"; print "</tr>"; $wrong = 0; } $count++; } print "</table>"; if ($grade >= 90){ $query = "SELECT * FROM inno_vocab_assignments WHERE key_code = '$key_code' AND uname = '$secure_uname' AND teacher = '$teacher'"; $result= mysql_query($query) or die("Could not perform query: ".mysql_error()); if (mysql_num_rows($result) == 0){ // Prevent student from changing vocab list so as to do an easier list $query = "SELECT * FROM inno_grading_period WHERE uname = '{$_SESSION['student']['teacher']}' AND voc_title = '$title' AND subject = '$subject'"; $result= mysql_query($query) or die("Could not perform query: ".mysql_error()); if (mysql_num_rows($result) > 0){ // Insert grade $query = "INSERT INTO inno_vocab_assignments (uname, course_title, list_title, type, stamp, grade, key_code, course_id, teacher, lname, fname) VALUES ('$secure_uname', '$subject', '$title', 'typing', '".date("U")."', '$grade', '$key_code', '$course_id', '$teacher', '$lname', '$fname')"; $result= mysql_query($query) or die("Could not perform query: ".mysql_error()); print "<br><b>RESULT: Congratulations! Your quiz was recorded.</b><br><br><br><br>"; } else{ print "<span style=\"color: #ff5555; font-weight: bold;\">This vocab list was not assigned! The teacher has been notified of this attempt!<br>The assignment has NOT been recorded!</span>"; } } else {print "<br><b>THIS HAS ALREADY BEEN RECORDED!<br>You cannot submit the same assignment more than once.</b>";} } else{ print "<br><b>RESULT: Your score was below a 90 and so was not recorded. Click back to make corrections.</b><br><br><br><br><br>"; } ?> Thank you!