spudly1987 Posted August 18, 2013 Share Posted August 18, 2013 when you visit this link it is showing some errors http://omgtechnotes.me.pn/insert.php below is the code for it I removed my user name and password for security purposes. <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <img src="http://omgtechhelp.com/wp/wp-content/themes/OMGTech/images/logo7small.jpg" /> <center> <h1><u>Notes For The Month Of August</u></h1> </center> <a href="http://www.omgtechnotes.me.pn/index.html"> <input type="button" value="New Entry" /> </a> <body> <?php //Protect against mysql_injection $customername = mysql_real_escape_string(trim($_POST["customername"])); $phonenumber = mysql_real_escape_string(trim($_POST["pnumber"])); $email = mysql_real_escape_string(trim($_POST["eaddy"])); $issue = mysql_real_escape_string(trim($_POST["issue"])); $result = mysql_real_escape_string(trim($_POST["results"])); $date = mysql_real_escape_string(trim($_POST["Date"])); //Now check form input(Validating the form). $errmsg_arr = array(); //Array to store validation errors $check_Error = false; //Validation error flag if (empty($customername)){ $errmsg_arr[]= '.Please Enter Your Name'; $check_Error = true; } if (empty($phonenumber)){ $errmsg_arr[]= '.Please Enter Your Phone Number'; $check_Error = true; } if (empty($email)){ $errmsg_arr[]= '.Please Enter Your Email'; $check_Error = true; } if (empty($issue)){ $errmsg_arr[]= '.Please what is your issue'; $check_Error = true; } if (empty($result)){ $errmsg_arr[]= '.Please what is your issue'; $check_Error = true; } if (empty($date)){ $errmsg_arr[]= '.Please what is your issue'; $check_Error = true; } //Printing out any error message stored in the array. if ($check_Error == true){ echo '<h1>ERROR: </h1><h3>Please check below for Error Details</h3>'; if( isset($errmsg_arr) && is_array($errmsg_arr) && count($errmsg_arr) > 0 ) { echo '<ul><font color="red">'; foreach($errmsg_arr as $msg) { echo '<li><b>Error: '.$msg.'</b></li><br />'; } echo '</font></ul>'; } //Please change the a href link to the name of your page. echo "<p><a href='http://www.omgtechnotes.me.pn/index.html'>Go Back To Register</a></p>"; } //After validating successfully else { /* Now we will write a query to insert user details into database */ $host = "fdb5.freehostingeu.com"; // Host name...change it to your configuration information. $username = ""; // Mysql username...change it to your configuration information. $password = ""; // Mysql password...change it to your configuration information. $db_name = "usernote"; // Database name...change it to your configuration information. // Connect to server mysql_connect("$host", "$username", "$password") or die('ERROR: Cannot connect' .mysql_error()); //connect to database mysql_select_db("$db_name") or die ('ERROR: Cannot connect'.mysql_error()); $tbl_name = "UserNote"; //Mysql Table name...change it to your configuration information. $sql="INSERT INTO $tbl_name (CustomerName, Phone, Email, Issue, Result, Date) VALUES('$customername', '$phonenumber', '$email', '$issue', '$result', '$date')"; } if (!mysql_query($sql)) //notice the "!" it means if the mysql_query($sql) cannot be executed, then die error. ELSE execute the mysql_querry($sql) to //insert into table in the database. { die('Error in Registration,: ' . mysql_error()); } else { //Insert User into the database. } ?> <hr/> <table border="1"> <tr> <th align="center">DATE</th> <th align="center">NAME </th> <th align="center">EMAIL </th> <th align="center">PHONE </th> <th align="center">ISSUE </th> <th align="center">RESULT </th> </tr> <?php $result=mysql_query("SELECT * FROM $tbl_name"); //sql query to call all the record available in database if ($result) { while ($fetch = mysql_fetch_assoc($result)) { //Using the WHILE - LOOP TO Display the whole recode in tabular form. echo '<tr>'; echo '<td>'.$fetch['Date'] .'</td>'; echo '<td>'.$fetch['CustomerName'] .'</td>'; echo '<td>'.$fetch['Email'] .'</td>'; echo '<td>'.$fetch['Phone'] .'</td>'; echo '<td>'.$fetch['Issue'] .'</td>'; echo '<td>'.$fetch['Result'] .'</td>'; echo '</tr>'; } } else { die ("ERROR: Could not fetch record : ".mysql_error()); } ?> </table> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/ Share on other sites More sharing options...
0xMatt Posted August 18, 2013 Share Posted August 18, 2013 Your connection information is wrong. Double check your host, username, password and database. Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445648 Share on other sites More sharing options...
spudly1987 Posted August 18, 2013 Author Share Posted August 18, 2013 i've done that already like 10 times Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445649 Share on other sites More sharing options...
0xMatt Posted August 18, 2013 Share Posted August 18, 2013 The issue may have something to do with your defined host. Try changing it to localhost and see if that works. If PHP says you're experience a connection error than that's what it is. The issue is definitely within your connection details and so you are overlooking something. Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445651 Share on other sites More sharing options...
mac_gyver Posted August 18, 2013 Share Posted August 18, 2013 (edited) you must have a database connection before you use mysql_real_escape_string(). mysql_real_escape_string() is trying to create a database connection because there's isn't a connection already. also, you should only escape string data right before you use it in a query. doing this before your validation logic can cause your validation logic to produce a different result than you expect, depending on what you are validating for. you also don't have a valid database connection at the msyql_query() statement on line 84 and the mysql_query() statement is trying to create a database connection, edit: because your database connection logic is inside of a conditional statement that is false. Edited August 18, 2013 by mac_gyver Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445652 Share on other sites More sharing options...
spudly1987 Posted August 18, 2013 Author Share Posted August 18, 2013 I had all this working on a localhost on my computer and everything was functional, the only thing i did was go to the website www.freehostingseu.com and created a free hosting domain. then i created the database so i know i have that working in the database manager in there software, and i used the same credentials in the insert.php file to connect to and its not connecting so i already have a database connection Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445653 Share on other sites More sharing options...
spudly1987 Posted August 18, 2013 Author Share Posted August 18, 2013 I've just double checked the user name, password, host and everything its all correct Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445654 Share on other sites More sharing options...
jazzman1 Posted August 18, 2013 Share Posted August 18, 2013 I've just double checked the user name, password, host and everything its all correct What about the mysql address? Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445657 Share on other sites More sharing options...
spudly1987 Posted August 18, 2013 Author Share Posted August 18, 2013 i don't see anywhere in the code that it states mysql address can you let me know what line it is? Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445658 Share on other sites More sharing options...
jazzman1 Posted August 18, 2013 Share Posted August 18, 2013 i don't see anywhere in the code that it states mysql address can you let me know what line it is? $host = "fdb5.freehostingeu.com"; Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445659 Share on other sites More sharing options...
spudly1987 Posted August 18, 2013 Author Share Posted August 18, 2013 yeah that is the correct host name from the web site Database Host fdb5.freehostingeu.com Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445661 Share on other sites More sharing options...
jazzman1 Posted August 18, 2013 Share Posted August 18, 2013 (edited) What about the port connection? [jazz@centos-box ~]$ nmap 83.125.22.195Starting Nmap 5.51 ( http://nmap.org ) at 2013-08-18 13:15 EDTNmap scan report for fdb5.runhosting.com (83.125.22.195)Host is up (0.12s latency).Not shown: 991 closed portsPORT STATE SERVICE80/tcp open http873/tcp filtered rsync1007/tcp filtered unknown1132/tcp filtered kvm-via-ip1720/tcp filtered H.323/Q.9313283/tcp filtered netassistant5961/tcp filtered unknown8292/tcp filtered blp327353/tcp filtered unknown By default mysql use port 3306 to connect to database, but....I don't see this port to be opened for that domain. Edited August 18, 2013 by jazzman1 Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445664 Share on other sites More sharing options...
spudly1987 Posted August 18, 2013 Author Share Posted August 18, 2013 this is all the information i have for connection Database Hostfdb5.freehostingeu.com Database Port3306 Database Name1487284_mydb Database User1487284_mydb Database PasswordThe password you have chosen. change Database Version5.1 Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445665 Share on other sites More sharing options...
jazzman1 Posted August 18, 2013 Share Posted August 18, 2013 Phone and ask them why the port 3306/port is closed for mysql.By default, it should be filtered not closed. Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445667 Share on other sites More sharing options...
spudly1987 Posted August 18, 2013 Author Share Posted August 18, 2013 i already spoke with them and they stated that the connection is successful they ran a test file and it was all good so nothing is being blocked there is an issue with links or something Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445668 Share on other sites More sharing options...
jazzman1 Posted August 18, 2013 Share Posted August 18, 2013 Change this: $host = "fdb5.freehostingeu.com"; to $host = "83.125.22.199"; Also, as mac_giver said: you must have a database connection before you use mysql_real_escape_string(). Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445679 Share on other sites More sharing options...
mac_gyver Posted August 18, 2013 Share Posted August 18, 2013 if this code ran as expected on your localhost development system (actually inserting the submitted form data), it was because the default mysql credentials in your php.ini happened to match what you are using and the msyql_real_escape_string() statements were able to make a database connection. you have two problems in your code, which i have already mentioned above and to fix them, you need to 1) move your code using mysql_real_escape_string() so that it is right before you put the data into your sql query statement. this will move it so that it is after the point where you have made a database connection. your validation logic needs to test the un-escaped values from the form. 2) your code containing the mysql_query() statement needs to be inside of the else{} statement where you are making the database connection. it is currently outside of and after this else{} statement. this else{} statement is currently false and is not running because of problem #1 (all the variables from your form are being set to a null from the mysql_real_escape_string() statements since there isn't a database connection.) @jazzman1, just because you cannot reach this database host/port from an external server, doesn't mean that a web server who's ip address has been allowed to make database connections to it cannot. Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445685 Share on other sites More sharing options...
spudly1987 Posted August 18, 2013 Author Share Posted August 18, 2013 Would there be any chance you can edit up the code for me, i'm a bit brain dead at the moment. Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445687 Share on other sites More sharing options...
mac_gyver Posted August 18, 2013 Share Posted August 18, 2013 afraid not. that's not how help/learning works. Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445688 Share on other sites More sharing options...
jazzman1 Posted August 18, 2013 Share Posted August 18, 2013 @jazzman1, just because you cannot reach this database host/port from an external server, doesn't mean that a web server who's ip address has been allowed to make database connections to it cannot. @mac_gyver, in the beginning I was thinking that the database server is external for omgtechnotes.me.pn. Anyways, good spot Quote Link to comment https://forums.phpfreaks.com/topic/281310-some-assistance-with-my-php/#findComment-1445691 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.