Jump to content

Recommended Posts

Hey guys,

 

I am using this script to connect to mysql database.

 

Here it is the code:

 

<?php
    define('DB_HOST', 'localhost');
    define('DB_USER', 'myusername');
    define('DB_PASSWORD', 'mypassword');
    define('DB_DATABASE', 'mydatabase');

    session_start();
    $errmsg_arr = array();
    $errflag = false;

    $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
    if(!$link) {
  die('Failed to connect to server: ' . mysql_error());
    }

    $db = mysql_select_db(DB_DATABASE);
    if(!$db) {
  die("Unable to select database");
    }

    function clean($str) {
  $str = @trim($str);
  if(get_magic_quotes_gpc()) {
    $str = stripslashes($str);
  }
  return mysql_real_escape_string($str);
  }
    $login = clean($_GET['login']);
    $password = clean($_GET['password']);
    if($login == '') {
  $errmsg_arr[] = 'Login ID missing';
  $errflag = true;
    }
    if($password == '') {
  $errmsg_arr[] = 'PS ID missing';
  $errflag = true;
    }

    if($errflag) {
  $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
  session_write_close();
  echo "ERROR";
  exit();
    }

  $qry="SELECT level FROM users WHERE login='$login' AND passwd='$password'";

    if($result) {
  $result=mysql_query($qry);
    echo $result;
  exit();
    }else {
  die("Query failed");
    }
?>

 

 

However, I have received an error which I catch from this line:

 

echo "ERROR";

 

I have input the correct username, password and the name of the database.

 

 

Do you have any idea why I have received an error, guess if I have missing something?

Link to comment
https://forums.phpfreaks.com/topic/214458-database-error-please-help/
Share on other sites

<?php
    define('DB_HOST', 'localhost');
    define('DB_USER', 'myusername');
    define('DB_PASSWORD', 'mypassword');
    define('DB_DATABASE', 'mydatabase');

    session_start();
    $errmsg_arr = array();
    $errflag = false;

    $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD) or die('Failed to connect to server: ' . mysql_error());

    mysql_select_db(DB_DATABASE, $link) or  die("Unable to select database");

 

Try that, the rest of the connections to the DB will inherit the connection reference from the mysql_select_db function.

 

function clean($str){
  $str = trim($str);
  if(get_magic_quotes_gpc()) {
    $str = stripslashes($str);
  }
  $str = strip_tags($str);
  return mysql_real_escape_string($str);
  }

 

Just one word of advice, $_POST and $_GET are super global's, so realistically you can access them anywhere in the scope of your script, providing they are set.  So you DON'T need to pass them into a function. So you could do this instead (only a suggestive piece of code though):-

 

function clean(){
$_GET = array_map('mysql_real_escape_string', $_GET);
$_GET = array_map('strip_tags', $_GET);

return $_GET;
  }

 

And when using mysql_real_escape_string, ensure that there is a valid connection handle going, or else the script will throw an error..

 

Rw

Thanks guys, so the exit call I referring to are none. Should I remove them?

 

The usual way to use the exit function is just after a header call, or in if else chains when you don't want to display the caught exception and the html together, but in your case, I would just try it with & then without to see if there is any discernible difference, which I suspect as there wouldn't be.

 

Exits and die are pretty much the same in operation, they kill the script.

 

Rw 

Thanks for your advice rwwd, I have moved the exit call after the header call. However, I have receive another parse error which I am getting this:

 

Parse error: syntax error, unexpected '}' in /home/username/public_html/mysite.com/config.php on line 45

 

    }

 

Should I remove it?

Thanks herghost, there is another error has been throw out on this line:

 

  $qry="SELECT members FROM members WHERE login='$login' AND passwd='$password'";

 

Parse error: syntax error, unexpected T_VARIABLE in /home/username/public_html/mysite.com/config.php on line 47

 

 

Do you know why I have received the error?

Here it is:

 

<?php
    define('DB_HOST', 'localhost');
    define('DB_USER', 'myusername');
    define('DB_PASSWORD', 'mypassword');
    define('DB_DATABASE', 'mydatabasename');
    exit();

    session_start();
    $errmsg_arr = array();
    $errflag = false;

    $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
    if(!$link) {
  die('Failed to connect to server: ' . mysql_error());
    }

    $db = mysql_select_db(DB_DATABASE);
    if(!$db) {
  die("Unable to select database");
    }

   function clean(){
    $_GET = array_map('mysql_real_escape_string', $_GET);
    $_GET = array_map('strip_tags', $_GET);

    return $_GET;
  }
  $str = strip_tags($str);
  return mysql_real_escape_string($str);

    $login = clean($_GET['login']);
    $password = clean($_GET['password']);
    if($login == '') {
  $errmsg_arr[] = 'Login ID missing';
  $errflag = true;
    }
    if($password == '') {
  $errmsg_arr[] = 'PS ID missing';
  $errflag = true;
    }

    if($errflag) {
  $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
  session_write_close();
  $errmsg_arr

  $qry="SELECT members FROM members WHERE login='$login' AND passwd='$password'";

    if($result) {
  $result=mysql_query($qry);
    echo $result;
  exit();
    }else {
  die("Query failed");
    }
?>

I don't know what you tried to do... but you really screw up your original code... now you have some lines that doesn't make sense at all..

 

like

- the first exit()  ... delete that

- this 2 lines... out of place and with no sense

 $str = strip_tags($str);
  return mysql_real_escape_string($str);

 

- like this lines... with and unclosed { and a variable $errmsg_arr hanging there alone ???

    if($errflag) {
  $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
  session_write_close();
  $errmsg_arr

 

- this lines are wrong too ... $result is being used before it is declared/populated by your query... ??

    if($result) {
  $result=mysql_query($qry);
    echo $result;
  exit();
    }else {
  die("Query failed");
    }

 

better to go to the draw board  and think a little better your code again.... look for some examples   

-

 

Look at the line before the error. You should be able to figure this one out on your own.

 

Ok, I have removed this line:

 

$errmsg_arr

 

However, I have received the error which are jumping on this line:

 

?>

 

 

The error is: Parse error: syntax error, unexpected $end in /home/myusername/public_html/mysite.com/config.php on line 53

 

 

What's the hell is going on? any idea how to resolve?

Try this:

 

<?phpsession_start();    define('DB_HOST', 'localhost');    define('DB_USER', 'myusername');    define('DB_PASSWORD', 'mypassword');    define('DB_DATABASE', 'mydatabasename');           $errmsg_arr = array();    $errflag = false;    $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);    if(!$link) {  die('Failed to connect to server: ' . mysql_error());    }    $db = mysql_select_db(DB_DATABASE);    if(!$db) {  die("Unable to select database");    }   function clean($var){	return mysql_real_escape_string(strip_tags($var));    }      $login = clean($_GET['login']);    $password = clean($_GET['password']);    if($login == '') {  $errmsg_arr[] = 'Login ID missing';  $errflag = true;    }    if($password == '') {  $errmsg_arr[] = 'PS ID missing';  $errflag = true;    }    if($errflag) {  $_SESSION['ERRMSG_ARR'] = $errmsg_arr;  echo implode('<br />',$errmsg_arr);   }   else {  $qry="SELECT members FROM members WHERE login='$login' AND passwd='$password'";    $result=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error());if(mysql_num_rows($result) > 0) {$row = mysql_fetch_row($result);    echo $row[0];    }else {echo 'Username and/or Password not found.';}}?>

 

Thanks for your help jcjones. I think we have found a solution right here. I have successfully login now.

 

Last things I need before I will mark the thread as resolve, how do I write the data to store in the database table by using the same script in your last post?

 

 

Thanks,

Mark

jcjones, thanks for your help. I have successfully login into the database by input the username and password in the address bar. Now I needs to write the data in the database table by input the value in the address bar which something would be like this:

 

http://www.mysite.com/writemysql.php?user=test&pass=test&firstname=valuedata 

 

Here it is code I have created:

 

<?php
session_start();
    define('DB_HOST', 'localhost');
    define('DB_USER', 'myusername');
    define('DB_PASSWORD', 'mypassword');
    define('DB_DATABASE', 'mydatabasename');
       
    $errmsg_arr = array();
    $errflag = false;

    $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
    if(!$link) {
  die('Failed to connect to server: ' . mysql_error());
    }

    $db = mysql_select_db(DB_DATABASE);
    if(!$db) {
  die("Unable to select database");
    }

   function clean($var){

return mysql_real_escape_string(strip_tags($var));
    }
  
    $login = clean($_GET['user']);
    $password = clean($_GET['pass']);
    $value = clean($_GET['value']);
    if($login == '') {
  $errmsg_arr[] = 'Login ID missing';
  $errflag = true;
    }
    if($password == '') {
  $errmsg_arr[] = 'PASSWORD ID missing';
  $errflag = true;
    }
    if($value == '') {
  $errmsg_arr[] = 'THE VALUE IS missing';
  $errflag = true;
    }
    if($errflag) {
  $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
  echo implode('<br />',$errmsg_arr);
   }
   else {
  $qry="SELECT * FROM members WHERE login='$login' AND passwd='$password'";

  $result=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error());


if(mysql_num_rows($result) > 0) {

  $row = mysql_fetch_row($result);
    echo $row[0];
    }
else {


echo 'Username, Password or value is not found.';

$sql="INSERT INTO members (firstname, lastname)
VALUES
('$_POST[firstname]','$_POST[lastname]')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "1 record added";

?>

 

However, I have received an error:

 

Parse error: syntax error, unexpected $end in /home/myusername/public_html/mysite.com/writemysql.php on line 71

 

 

The error are jumping on this line:

 

?>

 

Do you know what the problem is?

 

Hopefully you can help me to get the value update in the database table name members and write the value in fields id firstname by the same row as for each user.

 

Thanks!

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.