capt1701b Posted April 15, 2017 Share Posted April 15, 2017 Hi all, Can anyone help as I get this error Warning: mysqli_error() expects exactly 1 parameter, 0 given in /home/ubuntu/workspace/Project/Admin.php on line 48 Call Stack: 0.0011 239616 1. {main}() /home/ubuntu/workspace/Project/Admin.php:0 0.0028 249744 2. mysqli_error() /home/ubuntu/workspace/Project/Admin.php:48 Error in query: INSERT `Membership` (`First_Name`, `Surname`, `Gender`, `DOB`, `Email Address`, `Password`) VALUES ('ewqewq', 'qweqw', '', '1966','eqweqe', 'eqwe'). <?php //include files include 'header/header.php'; include 'nav/navigation.php'; include 'init.php'; print_r ($_POST); echo "<br />"; if (isset($_POST['loginSubmit'])) { $firstname = $_POST['txtFirstName'] ; $surname = $_POST['txtSurname'] ; $gender = $_POST['myList']; $email =$_POST['txtEmail']; $password = $_POST['txtPass']; $DOB = $_POST['edob']; echo "$firstname"; echo "<br />"; echo "$surname"; echo "<br />"; echo "$gender"; echo "<br />"; echo "$email"; echo "<br />"; echo "$password"; echo "<br />"; echo "$DOB"; echo "<br />"; } //run $query //(b)Construct INSERT query using variables holding data gathered $query = "INSERT `Membership` (`First_Name`, `Surname`, `Gender`, `DOB`, `Email Address`, `Password`) VALUES ('$firstname', '$surname', '$gender', '$DOB','$email', '$password')"; //Temporarily echo $query for debugging purposes echo "$query"; //run $query include 'init.php'; echo "<br />"; //echo "$query"; echo "<br />"; $result = mysqli_query($connection,$query) or exit ("Error in query: $query. ".mysqli_error()); ?> <div class="large-6 columns"> <form method="post" action="Admin.php"> <fieldset> <legend>Registration Form</legend> <label> <fieldset> <legend>First Name</legend> <input type="text"name="txtFirstName" placeholder="Your first Name" </fieldset> </label> <fieldset> <legend>Surname</legend> <label> <input type="text"name="txtSurname" placeholder="Your Surame" </fieldset> </label> <fieldset> <legend>Gender</legend> <select name="Gender"id = "myList"> <option value = "Male">Male</option> <option value = "Female">Female</option> </select> </fieldset> <fieldset> <legend>DOB</legend> <div class="small-6 columns"> <tr> <th> <td> <select size="1" name="edob" value="date"> <option>date</option> <option>1</option> <option>2</option> <option>3</option> <option>4</option> <option>5</option> <option>6</option> <option>7</option> <option>8</option> <option>9</option> <option>10</option> <option>11</option> <option>12</option> <option>13</option> <option>14</option> <option>15</option> <option>16</option> <option>17</option> <option>18</option> <option>19</option> <option>20</option> <option>21</option> <option>22</option> <option>23</option> <option>24</option> <option>25</option> <option>26</option> <option>27</option> <option>28</option> <option>29</option> <option>30</option> <option>31</option> </select> <select size="1" name="edob" value="month"> </th> <option>month</option> <option>Jan</option> <option>Feb</option> <option>Mar</option> <option>Apr</option> <option>May</option> <option>June</option> <option>July</option> <option>Aug</option> <option>Sep</option> <option>Oct</option> <option>Nov</option> <option>Dec</option> </select> <select size="1" name="edob" value="Year"> <option>Year</option> <option>1966</option> <option>1967</option> <option>1968</option> <option>1969</option> <option>1970</option> <option>1971</option> <option>1972</option> <option>1973</option> <option>1974</option> <option>1975</option> <option>1976</option> <option>1977</option> <option>1978</option> <option>1979</option> <option>1980</option> <option>1981</option> <option>1982</option> <option>1982</option> <option>1983</option> <option>1984</option> <option>1985</option> <option>1986</option> <option>1987</option> <option>1988</option> <option>1989</option> <option>1990</option> <option>1991</option> <option>1992</option> <option>1993</option> <option>1994</option> <option>1995</option> <option>1996</option> <option>1997</option> <option>1998</option> <option>1999</option> <option>2000</option> <option>2001</option> <option>2002</option> <option>2003</option> <option>2004</option> <option>2005</option> <option>2006</option> <option>2007</option> <option>2008</option> <option>2009</option> <option>2010</option> </div> </select> </td></tr> </fieldset> <fieldset> <legend>Email Address</legend> <label> <input type="text" name="txtEmail" placeholder="Your email address"> </label> </fieldset> <fieldset> <legend>Password</legend> <label> <input type="text" name="txtPass" placeholder="Your password"> </label> <label> <input type="text" placeholder="Confirm your password"> </fieldset> </label> <button name="loginSubmit" class="Submit" value="Submit" >Submit</button> <button class="reset" value="Clear" >Clear</button> </form> </div> </div> <?php //include files include 'footer/footer.php'; ?> <script src="js/vendor/jquery.js"></script> <script src="js/foundation.min.js"></script> <script> </script> </body> Link to comment Share on other sites More sharing options...
NigelRel3 Posted April 15, 2017 Share Posted April 15, 2017 The error is very clear - mysqli_error expects a parameter - usually... mysqli_error($connection) Link to comment Share on other sites More sharing options...
Jacques1 Posted April 15, 2017 Share Posted April 15, 2017 Switching from the old mysql_* functions to the new mysqli_* functions takes a lot more than adding an “i” everyhwere. Or adding connection arguments. You first have to unlearn plenty of wrong practices: Your code has SQL injection vulnerabilities all over the place, and printing error messages on the screen isn't very smart either. It gives attackers valuable information about your system, and it makes legitimate users think your website is fudged up. Then you need to actually learn mysqli. The old extension represented the technology of the 90s, mysqli is a database interface for the 21st century and often takes a very different approach. For example, passing data to queries is now implemented with prepared statements, which provides much better protection against SQL injection attacks. mysqli also supports exceptions to properly indicate errors. Unfortunately, mysqli is fairly difficult to learn, especially when you don't like to read manuals. A much better alternative is the PDO extension. Since you haven't invested any time into mysqli yet, now would be a great time to jump straight to PDO. Link to comment Share on other sites More sharing options...
capt1701b Posted April 15, 2017 Author Share Posted April 15, 2017 Hi Jacques1, The site is just for demo only and a work in progress The reason for displaying the details was for testing purposes, these will be removed when the required section is working. MySQL may have vulnerabilities but these are going to be addressed shortly and it will help in learning about sql injection attacks for my course. Link to comment Share on other sites More sharing options...
Jacques1 Posted April 15, 2017 Share Posted April 15, 2017 I don't think you're getting my point. You invest time for turning broken mysql_* code into broken mysqli_* code. Why on earth would you do that? If you don't care about broken code, just keep your old mysql_* functions and then go straight to PDO when you rewrite everything. Link to comment Share on other sites More sharing options...
benanamen Posted April 15, 2017 Share Posted April 15, 2017 Additionally, do not depend on the name of a button for your script to work. It will completely fail in certain circumstances. The proper way is to check the request method. if ($_SERVER['REQUEST_METHOD'] == 'POST') Also, do not create variables for nothing. You are mixing case for your attribute names. Stick to all lowercase with underscores_for_long_words. Since you are processing in the same page (as you should), remove the hardcoded action and filename. You can leave it out completely and the page will submit to itself. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.