Help with MySQLi

Tom8001 · November 30, 2014

I have just started using MySQLi and am clueless it is giving me the follow errors in which i do not understand

Warning: mysqli_select_db() expects exactly 2 parameters, 1 given in C:\xampp\htdocs\Login\connect.php on line 23

Notice: Trying to get property of non-object in C:\xampp\htdocs\Login\connect.php on line 25

Notice: Use of undefined constant mysqli - assumed 'mysqli' in C:\xampp\htdocs\Login\connect.php on line 32

Warning: mysqli_query() expects parameter 1 to be mysqli, string given in C:\xampp\htdocs\Login\connect.php on line 32

Warning: mysql_fetch_assoc() expects parameter 1 to be resource, null given in C:\xampp\htdocs\Login\connect.php on line 33

can someone please explain to me why i am getting these?

and my code is

$mysqli_db = mysqli_select_db("$db_name");

if($mysqli_db->connect_errno) {

	printf("Database not found: %s\n", $mysql->connect_error);
	exit();
}

$sql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'";
$result = mysqli_query($sql);
$row = mysqli_fetch_assoc($result);

I just got rid off most the errors the only ones left are

Warning: mysqli_query() expects at least 2 parameters, 1 given in C:\xampp\htdocs\Login\connect.php on line 32

Fatal error: Call to undefined function mysqli_result() in C:\xampp\htdocs\Login\connect.php on line 33

Code Updated:

$mysqli_db = mysqli_select_db($mysqli_connect, $db_name);

if(!$mysqli_db) {

	printf("Database not found: %s\n", $mysqli->connect_error);
	exit();
}

$sql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'";
$query = mysqli_query($sql);
$result = mysqli_result($query);
$row = mysqli_fetch_assoc($result);

Edited November 30, 2014 by Tom8001

Ch0cu3r · November 30, 2014

You are getting those errors because you are using it incorrectly. There is a difference between the mysql_* functions and the mysqli_* functions. Just adding i after mysql in the function name is not going to work.

Study the mysqli documentation to learn how to use mysqli correctly.

Tom8001 · November 30, 2014

where am i going wrong

Tom8001 · November 30, 2014

it says its expecting 2 parameters, when i only want to put in one and before mysqli when it was just mysql it didn't start asking you to add things you don't want to add.

Ch0cu3r · November 30, 2014

where am i going wrong

By not reading the documentation for mysqli

it says its expecting 2 parameters, when i only want to put in one and before mysqli when it was just mysql it didn't start asking you to add things you don't want to add.

mysqli functions are completely different to the mysql functions. The only similarities is the name of the function. Everything else is completely different!

The only way you are going to learn the differences is to read the documentation. I will say it again read the documentation to learn the differences.

http://php.net/mysqli < link to the documentation.

Tom8001 · December 1, 2014

I Started using MySQLi and i have the following errors here is my code

$row = $tbl_name->fetch_array($count);

And here are my errors

Fatal error: Call to a member function fetch_array() on a non-object in C:\xampp\htdocs\Login\login.php on line 40

Please can someone help me?

Edited December 1, 2014 by Tom8001

Ch0cu3r · December 1, 2014

I have merged your two topics.

What is $table_name and $count? Can you post more code?

Tom8001 · December 1, 2014

Sure sorry,

$tbl_name = "x_users"; 
$count= $con->query("SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'");

$con = new mysqli("$server", "$username", "$password", "$db_name");

if($con->connect_error) {

	echo 'There was an error while connecting to the server or database, please check your configuration.';
}

Tom8001 · December 1, 2014

In case i missed anything

$username = mysqli_real_escape_string($con, $_POST['username']);
    $md5_password = md5($password);
    $password = mysqli_real_escape_string($con, $_POST['password']);

    $count = $con->query("SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'");

    $row = $tbl_name->fetch_array($count);

    $user_level = $row['user_level'];


	if($count = $tbl_name->mysql_num_rows > 0) {

		$_SESSION['loggedIn'] = true;
		$_SESSION['username'] = $_POST['username'];

	} else {


		print("<br> <br>Username / Password is Incorrect!\ntest");

		exit();

	}

Ch0cu3r · December 1, 2014

You need to be connected to mysql before you can start to use queries.

To fetch the results from the query call the fetch_array method on $count variable not $tbl_name

$tbl_name = "x_users"; 

// connect to mysql
$con = new mysqli("$server", "$username", "$password", "$db_name");

if($con->connect_error) {
    echo 'There was an error while connecting to the server or database, please check your configuration.';
}

// execute query
$count= $con->query("SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'");

// check to make sure query did execute. If it did not then trigger error use mysqli::error to see why it failed
if(!$count)
{
    trigger_error('Query error: ', $con->error);
}
else
{
    // get result from query
    $row = $count->fetch_array();

    // output contents of $row
    printf('<pre>%s</pre>', print_r($row, 1));
}

$count is rather ambiguous. I fell naming it as $result to be a better name

Edited December 1, 2014 by Ch0cu3r

Tom8001 · December 1, 2014

i have

require 'connect.php';

At the top of all the pages & this is my connection script.

<?php

error_reporting(E_ALL | E_NOTICE);

include 'header.php';

include 'footer.php';

$server = "localhost";
$username = "root";
$password = "";
$db_name = "phplogin";
$tbl_name = "x_users";

$con = new mysqli("$server", "$username", "$password", "$db_name");

if($con->connect_error) {

	echo 'There was an error while connecting to the server or database, please check your configuration.';
}

?>

Tom8001 · December 1, 2014

now i have a problem where you can enter any username and password that doesn't exist and it logs in anyway

Ch0cu3r · December 1, 2014

My bad. Try

// execute query
$result = $con->query("SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'");

// check to make sure query did execute. 
if($result)
{
	// query did return result
	if($result->num_rows > 0 )
	{
	    // get result from query
	    $row = $result->fetch_array();

	    // output contents of $row
	    printf('<pre>%s</pre>', print_r($row, 1));
	}
	// query did not return result
	else
	{
		echo 'Invalid Username/Password';
	}	
}
// problem with query trigger an error
else
{
	trigger_error('Login Query failed: ' . $con->error);
}

Tom8001 · December 1, 2014

Still does not work here is my whole login script apart from the html which i know works:

<?php
error_reporting(E_ALL | E_NOTICE);

require 'connect.php';

session_start();

if (isset($_POST['submit'])) {
   
    $username = trim($_POST['username']);
    $password = trim($_POST['password']);
   
    if (empty($username)) {
       
        echo "You did not enter a username, Redirecting...";
       
        echo "<meta http-equiv='refresh' content='2' URL='login.php'>";
       
        exit();
       
    }
   
    if (empty($password)) {
       
        echo "You did not enter a password, Redirecting...";
       
        echo "<meta http-equiv='refresh' content='2' URL='login.php'>";
       
        exit();
       
    }
   
    //Prevent hackers from using SQL Injection to hack into Database
    $username = mysqli_real_escape_string($con, $_POST['username']);
    $md5_password = md5($password);
    $password = mysqli_real_escape_string($con, $_POST['password']);

    // execute query
$result = $con->query("SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'");

// check to make sure query did execute. 
if($result)
{
	// query did return result
	if($result->num_rows > 0 )
	{
	    // get result from query
	    $row = $result->fetch_array();

	    // output contents of $row
	    printf('<pre>%s</pre>', print_r($row, 1));
	}
	// query did not return result
	else
	{
		echo 'Invalid Username/Password';
	}	
}
// problem with query trigger an error
else
{
	trigger_error('Login Query failed: ' . $con->error);
} if($row['user_level'] == 1) {

		$_SESSION['user_level'] = 1;

		header("Location: admin.php");

		exit();

	} else if($row['user_level'] == -1) {

		$_SESSION['user_level'] = -1;

		$_SESSION['username'] = $_POST['username'];

		header("Location: banned.php");

		exit();
	} if($_SESSION['loggedIn'] = true) {

		header("index.php");
	}

	if($_SESSION['loggedIn'] == 1 && $_SESSION['user_level'] == -1) {

		$_SESSION['user_level'] = -1;

		$_SESSION['username'] = $_POST['username'];

		header("Location: banned.php");
	}

	$_SESSION['loggedIn'] = 1;
	$_SESSION['user_level'] = 1;
	header("Location: index.php");
	exit();


}





?>

mikosiko · December 1, 2014

Define what "Still does not work" exactly means... what are you getting (or not)?... messages on the screen?.. nothing?...zero?.. niech?.... help the people to help you!!

Some observation:

- Why are you setting $md5_password if in your query you are using the plain $password ... and in addition... you should be using password_hash() instead of that md5 for hashing the password.

- What is the result of this line in your code

    // output contents of $row
     printf('<pre>%s</pre>', print_r($row, 1));

- Here... Do you know the diference between = and == ?

} if($_SESSION['loggedIn'] = true) {

        header("index.php");
    }

- Here ... you already sanitized the $_POST['username'] right?... why you still using the un-sanitized value again? ...

$_SESSION['username'] = $_POST['username'];

        header("Location: banned.php");

- Last but not least... the order of all your if's after the closing } of your first one make no sense at all... you need to re-think your logic starting from here:

if($row['user_level'] == 1) {

you understand that if your query doesn't produce a resultset $row['user_level'] will no be valid?

Tom8001 · December 1, 2014

Define what "Still does not work" exactly means...

Read what we have said before your post

Tom8001 · December 1, 2014

And

printf('<pre>%s</pre>', print_r($row, 1));

does not output anything.

mikosiko · December 1, 2014

Read what we have said before your post

NO... your code have changed several times before your first and subsequent posts... we are not seeing your screen, and we can't assume that you are getting the same errors or new ones... so either your provide ALL the current errors or people around here will not have means to "see" what is happening, and will still just guessing.

read my post again and review what is there for you.

good luck

Tom8001 · December 1, 2014

Now it's telling me i'm not logged in &

Notice: Undefined index: username in C:\xampp\htdocs\Login\index.php on line 11

Notice: Undefined index: user_level in C:\xampp\htdocs\Login\index.php on line 13

My Login

<?php
error_reporting(E_ALL | E_NOTICE);

require 'connect.php';

session_start();

if (isset($_POST['submit'])) {
   
    $username = trim($_POST['username']);
    $password = trim($_POST['password']);
   
    if (empty($username)) {
       
        echo "You did not enter a username, Redirecting...";
       
        echo "<meta http-equiv='refresh' content='2' URL='login.php'>";
       
        exit();
       
    }
   
    if (empty($password)) {
       
        echo "You did not enter a password, Redirecting...";
       
        echo "<meta http-equiv='refresh' content='2' URL='login.php'>";
       
        exit();
       
    } 
   
    //Prevent hackers from using SQL Injection to hack into Database
    $username = mysqli_real_escape_string($con, $_POST['username']);
    $md5_password = md5($password);
    $password = mysqli_real_escape_string($con, $_POST['password']);

    // execute query
$result = $con->query("SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'");

// check to make sure query did execute. 
if($result)
{
	// query did return result
	if($result->num_rows > 0 )
	{
	    // get result from query
	    $row = $result->fetch_array();

	    // output contents of $row
	    printf('<pre>%s</pre>', print_r($row, 1));
	}
	// query did not return result
	else
	{
		echo 'Invalid Username/Password';
	}	
}
// problem with query trigger an error
else
{
	trigger_error('Login Query failed: ' . $con->error);
}if($row['user_level'] == 1) {

		$_SESSION['user_level'] == 1;

		header("Location: admin.php");

		exit();

	} else if($row['user_level'] == -1) {

		$_SESSION['user_level'] == -1;

		$_SESSION['username'] == trim($_POST['username']);

		header("Location: banned.php");

		exit();
	} if($_SESSION['loggedIn'] == true) {

		header("index.php");
	}

	if($_SESSION['loggedIn'] == 1 && $_SESSION['user_level'] == -1) {

		$_SESSION['user_level'] == -1;

		$_SESSION['username'] == trim($_POST['username']);

		header("Location: banned.php");
	}

	$_SESSION['loggedIn'] == 1;
	$_SESSION['user_level'] == 1;
	$_SESSION['username'] == trim($_POST['username']);
	header("Location: index.php");
	exit();

} 

?>

My Index Page

<?php

session_start();

error_reporting(E_ALL | E_NOTICE);

ini_set('display_errors', '1');

require 'connect.php';

$_SESSION['username'];

$user_level = $_SESSION['user_level'];

if(!isset($_SESSION['loggedIn'])) {

	echo "<br> <br> You are not currently logged in and to view this page you must be logged in to have access. <a href='login.php'> You can login here </a>";
	echo '<style>a {color: #ff0000; TEXT-DECORATION: none;} a:visited {color: #ff0000;}</style>';
	die();

} if($_SESSION['user_level'] == -1) {

	header("Location: banned.php");

} if(isset($_SESSION['username'])) {

	echo "<div id='welcome'> Welcome, ". $_SESSION['username'] ." <br> </div> ";

}

?>

Tom8001 · December 1, 2014

The topic is merged

NO... your code have changed several times before your first and subsequent posts...

The stuff at the top of this thread is nothing to do with the errors i have now i don't even know why it got merged.

Ch0cu3r · December 1, 2014

Code is working fine. The problem is these lines are in the wrong place!

if($row['user_level'] == 1) {

		$_SESSION['user_level'] == 1;

		header("Location: admin.php");

		exit();

	} else if($row['user_level'] == -1) {

		$_SESSION['user_level'] == -1;

		$_SESSION['username'] == trim($_POST['username']);

		header("Location: banned.php");

		exit();
	} if($_SESSION['loggedIn'] == true) {

		header("index.php");
	}

	if($_SESSION['loggedIn'] == 1 && $_SESSION['user_level'] == -1) {

		$_SESSION['user_level'] == -1;

		$_SESSION['username'] == trim($_POST['username']);

		header("Location: banned.php");
	}

	$_SESSION['loggedIn'] == 1;
	$_SESSION['user_level'] == 1;
	$_SESSION['username'] == trim($_POST['username']);
	header("Location: index.php");
	exit();

They should of replaced these lines

// output contents of $row
printf('<pre>%s</pre>', print_r($row, 1));

i have now i don't even know why it got merged.

I merged the two topics because are you are in the process of converting your code over to mysqli. There is was no need to start a new topic for every error you get in the process.

Edited December 1, 2014 by Ch0cu3r

Tom8001 · December 1, 2014

The login still has a problem, you can type in any username / password and it will redirect to index.php & when i get the the index.php page i get

Notice: Undefined index: loggedIn in C:\xampp\htdocs\Login\index.php on line 11


You are not currently logged in and to view this page you must be logged in to have access. You can login here

This is my index.php if you need it i can't seem to find out why it's doing this, this has been the main problem.

<?php

session_start();

error_reporting(E_ALL | E_NOTICE);

ini_set('display_errors', '1');

require 'connect.php';

if($_SESSION['loggedIn'] != true) {

	echo "<br> <br> You are not currently logged in and to view this page you must be logged in to have access. <a href='login.php'> You can login here </a>";
	echo '<style>a {color: #ff0000; TEXT-DECORATION: none;} a:visited {color: #ff0000;}</style>';
	die();

} else if($_SESSION['loggedIn'] == true) {

	//Do Nothing
}

if($_SESSION['user_level'] == -1) {

	header("Location: banned.php");

} if(isset($_SESSION['username'])) {

	echo "<div id='welcome'> Welcome, ". $_SESSION['username'] ." <br> </div> ";

}

?>

Edited December 1, 2014 by Tom8001

Ch0cu3r · December 1, 2014

The login script is not setting the $_SESSION['loggedIn'] session variable. To solve the notice use isset before checking the value. Example

if(isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] != true) {

...
} else if(isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] == true) {

In your login script commend out the lines that use header(). Does the login script display a blank page or any messages now?

Tom8001 · December 1, 2014

it now logs in but i still have the exact same problem it lets you enter anything in the username and password field and it will log you in.

Tom8001 · December 1, 2014

I put this in index.php & it does not say that they are not logged in, they can access the page when not logged in it just displays an error on the page that says the user level is undefined.

if(isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] != true) {

		echo "You are not logged in.";

		exit();

	} else if(isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] == true) {

		header("index.php");

}

Sign In

Help with MySQLi

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information