|
PHP - Mysqli Object In Other Objects
Ever since I started using OOP this past week, I have not been able to go back to the old "procedural" methods. HOwever, I seem to be stuck on creating a mysql connection that I can reuse in all of my classes.
After I set up a connection to mysql using the mysqli object, I am unable to use the mysqli in other objects. Code: [Select] $mysqli = new mysqli(.....); class new_class { function quickQuery () { $mysqli->query('some query') } } Obviously, this doesn't work, because $mysqli is not defined within that functions scope. One way, is to use global keyword. Code: [Select] global $mysqli However, globals "are the root of all evil" and simply go against the idea of encapsulation in OOP. What's a way around this? HOWEVER: 1) I still want to use the mysqli object 2) I don't want to reference the $link of the db each time I instantiate a new class .... Maybe I'm asking too much? And I've google for the past hour or so. Singleton seems interesting but it requires the creation of a new db connection class. I want to use the mysqli object. Similar TutorialsI have gotten into the habit of freeing MySQLi result objects once they are no longer needed. However, I'm curious about the cases where multiple MySQLi objects are being used. I've been starting to play around the mysqli class and I've been having trouble using it due to various error it gives me from simple queries like this one. I'm not sure what the error is really, I've been following the php manual. Any help would be greatly appreciated. Code: [Select] <?php $mysqli = new MySQLi('localhost', 'root', 'root', 'jaipai'); if ($mysqli->connect_errno) { echo "There was a connection error: ". $mysqli->connecterrno; } class testClass { private $db; function __construct($mysqli) { $this->db = $mysqli; } public function pageInfo() { $query = "SELECT * FROM users WHERE username = jaipai"; $results = $this->db->query($query); $result = $this->db->fetch_assoc($results); return $result['username']; } } $testClass = new testClass($mysqli); echo $testClass->pageInfo(); ?> This gives me this error: Code: [Select] Fatal error: Call to undefined method mysqli::fetch_assoc() in /Users/JPFoster/Sites/Research & Development/Programs/Object Sandbox/DatabaseConnection.php on line 30 Just to be a little more informative I've also tried this method Code: [Select] $results = $this->db->query($query); $result = $results->fetch_assoc(); return $result['username']; This gives me an error: Code: [Select] Fatal error: Call to a member function fetch_assoc() on a non-object in Sites/Research & Development/Programs/Object Sandbox/DatabaseConnection.php on line 30 I'm not sure which is on the best path to go. Any help would be greatly appreciated. I am trying to build an object-oriented interface for a website. My classes include a "Database" class with a constructor method that connects to a database and a destructor method that disconnects from the database, a child class called "Content" that will display content stored in the database, another child class called "User" that handles registration, updating user info, logging in, and logging out, etc., and a "Validator" class that will validate all forms. So far I have the database class, the content class, and the index.php page started. My problem is that I cannot get the data returned from the function (using mysqli prepared statements) to display on the main page. I have read tutorials using MySQL, but I am using MySQLi with prepared statements. Any help is appreciated. Code: [Select] Database.php /* The Database class handles connecting to and disconnecting from the database. All interaction with the database is then extended from this class. The constructor will be run automatically each time a new instance of the Database class (or one of its child classes) is made. */ abstract class Database { // assign variables to use in the constructor private $host = 'localhost'; private $user = ''; private $password = ''; private $database = ''; // define constructor method to connect to database public function __construct() { $this->connect = new mysqli($this->host, $this->user, $this->password, $this->database); // if the connection failed kill the script and display an error if($this->connect->connect_errno) { die('Critical database error: ' . $this->database->error . '. Please contact a site administrator.'); } } // define destructor method to disconnect from the database public function __destruct() { $this->connect->close(); } } Content.php require_once('Database.php'); /* This class will display all website content that is held in the database. Anything that is stored in the database that needs to be shown on the front end of the website will go through this class. */ class Content extends Database { public function pageInfo($page) { $query = $this->connect->prepare('SELECT pageTitle, pageHeading, pageContent FROM pageInfo WHERE pageName = ?'); $query->bind_param('s', $page); $query->execute(); $query->bind_result($title, $heading, $content); return $query->fetch(); // procedurally this returns the values of the bound variables which then I can use just by typing echo $variableName // if i echo the variables out inside this method, they display at the top of index.php // how do i call them into my variables to display where i want // return $query->fetch(); should return that object to main script but then how do i call those values } public function displayUsers() { } public function searchUsers() { } } index.php <?php $page = 'index.php'; require_once('modules/Content.php'); $page = new Content(); list($title, $heading, $content) = $page->pageInfo('index.php'); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title><?php echo $title; ?></title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <link href="includes/style.css" rel="stylesheet" type="text/css" /> <script type="text/javascript" src="scripts/cufon-yui.js"></script> <script type="text/javascript" src="scripts/arial.js"></script> <script type="text/javascript" src="scripts/cuf_run.js"></script> </head> <body> <!--begin main--> <div class="main"> <?php include('header.php'); ?> <?php include('menu.php'); ?> <!--begin content--> <div class="content"> <!--begin content_resize--> <div class="content_resize"> <!--begin mainbar--> <div class="mainbar"> <!--begin article--> <div class="article"> <h2><span><?php echo $heading; ?></span></h2> <div class="clr"></div> <p><?php echo $content; ?></p> </div> <!--end article--> </div> <!--end mainbar--> <?php include('sidebar.php'); ?> <div class="clr"></div> </div> <!--end content_resize--> </div> <!--end content--> <?php include('footer.php'); ?> </div> <!--end main--> </body> </html> Hello
I am still fairly new to the PDO / mysqli thing and I would really appreciate some help with escaping special characters from the below code.
$sth = ("SELECT * from table WHERE field1 = '$bob' and field2 != ''");
foreach ($dbh->query($sth) as $row) {
$who = $row['field2'];
$why = $row['field1'];
$dbh1->query("UPDATE table SET who = '$who', date = '$row[DATE]', time = '$row[TIME]' WHERE field1 = '$why'")or die(mysqli_error($db));
}
I have tried using the prepared statement as well as the mysqli_real_escape_string but sees the code results as an object.
Any help or comments would be greatly appreciated.
I am getting an error when the clear banned ip over 15mins script runs if there is a row to remove from the database, what am I doing wrong here and the error is Quote PHP Fatal error: Call to a member function fetch_object() on a non-object in /path/to/file/index.php on line 14 Code: [Select] <?php // clear banned ip over 15mins $timeBAN = time(); $sql = $link->query("SELECT unban, id FROM attempts WHERE unban <= '$timeBAN'"); if ($sql->num_rows > 0) { while ($result = $sql->fetch_object()) { //<----THIS IS LINE 14 CAUSING ERROR if there is data $remove=$result->id; $sql = $link->query("DELETE FROM attempts WHERE id='$remove'"); } $sql->close(); } // check if user banned $sql = $link->query("SELECT ip, unban FROM attempts WHERE ip='$ip'"); if ($sql->num_rows > 0) { $result = $sql->fetch_object(); $unban = $result->unban; $timeCHECK = $unban-$timeBAN; if ($timeCHECK > 0 ) { $remain = round($timeCHECK/60); } $sql->close(); } // reset the auto_increment of attempts $sql = $link->query("SELECT id FROM attempts"); if ($sql->num_rows == 0) { $sql = $link->query("ALTER TABLE attempts AUTO_INCREMENT = 1"); } ?> I don't know why it won't work.. as the topic titles says that I am trying to pass a mysqli object to a property in another class but it keeps me getting an error.
here's the code for the mysqli object that i want to pass to another class
class ConnectMe2Db
{
public $dbname = 'somedatabase';
public $dbuname = 'root';
public $dbpass = '';
public $dbhost = 'localhost';
function __construct()
{
$mysqli = new mysqli($this->dbhost,$this->dbuname,$this->dbpass,$this->dbname)
or die ('ERROR: '.$mysqli->connect_errno);
return $mysqli;
}
# OTHER CODES...
}
and here is the class that i want the Mysqli object to pass to:
class DatabaseUsers
{
private $dbconnection;
function __construct()
{
$this->dbconnection = new ConnectMe2Db();#mysqli object will be passed to this attribute '$dbconnection'
}
public function session($username, $password)
{
$UserName = mysqli_real_escape_string($this->dbconnection,$username);
$Password = mysqli_real_escape_string($this->dbconnection,md5($password));
$querry = "SELECT * FROM trakingsystem.login WHERE username='$username' and password='$password'";
$result = mysqli_query($this->dbconnection,$querry) or die (mysqli_error($this->dbconnection));
$count = mysqli_num_rows($result);
$row = mysqli_fetch_array($result);
if ($count > 0)
{
#some code here
}
}
#some other code here
}
and this outputs 4 errors:
#outputs 2 of these: Warning: mysqli_real_escape_string() expects parameter 1 to be mysqliand some mysqli_query() expects parameter 1 to be mysqli mysqli_error() expects parameter 1 to be mysqliis there something wrong with the logic that I've made? please help thanks Hello all!
I have this array of objects:
Array
(
[0] => stdClass Object
(
[first_name] => test
[last_name] => test
[title] => test
[id] => 34
[type] => 4
[manager] => 4
[email] => p@yahoo.com
[date] => 2014-09-21 07:23:12
[status] => 2
[approval_date] => 2014-09-21 07:31:10
[assessment_id] => 1
[supervisor_approval] => 1
[manager_approval_date] => 2014-09-21 07:31:27
[mainmanger] => 3
)
[1] => stdClass Object
(
[first_name] => test
[last_name] => test
[title] => test
[id] => 34
[type] => 4
[manager] => 4
[email] => p@yahoo.com
[date] => 2014-09-20 07:39:55
[status] => 2
[approval_date] => 2014-09-20 07:40:41
[assessment_id] => 3
[supervisor_approval] => 1
[manager_approval_date] => 2014-09-20 07:41:07
[mainmanger] => 3
)
[2] => stdClass Object
(
[first_name] => jimmy john john
[last_name] => john
[title] => Lorad and Master
[id] => 32
[type] => 4
[manager] => 3
[email] => j@j.com
[date] => 2014-09-21 07:38:50
[status] => 2
[approval_date] => 2014-09-19 07:39:25
[assessment_id] => 2
[supervisor_approval] => 1
[manager_approval_date] => 2014-09-19 07:39:25
[mainmanger] => 0
)
)
Where "id" = the user ID.
If there are two or more entries for a user, I want to remove all but the most recent by the "approval_date",... So for the above example it would return:
Array
(
[0] => stdClass Object
(
[first_name] => test
[last_name] => test
[title] => test
[id] => 34
[type] => 4
[manager] => 4
[email] => piznac@yahoo.com
[date] => 2014-09-21 07:23:12
[status] => 2
[approval_date] => 2014-09-21 07:31:10
[assessment_id] => 1
[supervisor_approval] => 1
[manager_approval_date] => 2014-09-21 07:31:27
[mainmanger] => 3
)
[1] => stdClass Object
(
[first_name] => jimmy john john
[last_name] => john
[title] => Lorad and Master
[id] => 32
[type] => 4
[manager] => 3
[email] => j@j.com
[date] => 2014-09-21 07:38:50
[status] => 2
[approval_date] => 2014-09-19 07:39:25
[assessment_id] => 2
[supervisor_approval] => 1
[manager_approval_date] => 2014-09-19 07:39:25
[mainmanger] => 0
)
)
I'm having a hard time wrapping my head around this concept, so I don't have any example code. And I don't really need or expect someone to code this for me,. just a push in the right direction would be awesome.
I have the following three tables (and also delta_point and hist_point which are purposely left out and just mentioned for context). Before going down the Doctrine ORM long curvy road, aggrType was just used to restrict possible values so that I didn't need to use MySQL's ENUM, but now I am thinking there may be value to making it an entity and include some methods (and a second reason because I still can't figure out how to make Doctrine create a FK constraint yet not populate the parent entity with a AggrType object). point -id (int PK) -data -dType /* descriminator. Options are AggregatePoint, DeltaPoint, and HistoricPoint */ aggr_point -id (int PK, FK to point) -aggrType (char FK to aggrType) -data aggrType -type (char PK) /* there are about five types */ I have a service to create a new point based on the provided desired type and user data. I don't like the switch statement to determine which type of point to create, but don't know a better way. Also my entity is responsible to provide the appropriate validation rules for the given point type which might not be considered proper but it seems to work for me. Any constructive criticism is welcomed.
<?php
namespace NotionCommotion\PointMapper\Api\Point;
use NotionCommotion\PointMapper\Domain\Entity\Point;
class PointService
{
public function create(string $type, array $params):integer {
$class=[
'aggr'=>'AggregatePoint',
'delta'=>'DeltaPoint',
'hist'=>'HistoricPoint',
][$type];
//$class='Point\\'.$class; //This doesn't seem to be possible and I needed to use the fully qualifed name without the short cut used namespace.
$class='\\Greenbean\Datalogger\Domain\Entity\Point\\'.$class;
$point=new $class();
$validator=$this->getValidator($point);
$params=$validator->sanitize($params);
$validator->validate($params);
$point->setAccount($this->account);
$point->populate($params, $this->em); //Will be addressed later
$this->em->persist($point);
$this->em->flush();
$point->setIdPublic($this->em->getRepository(Point\Point::class)->getPublicId($point->getId()));
return $point->getIdPublic();
}
}
Now, this is the part I am struggling with the most. I only have one service to create any type of point, so I do wish to put a bunch of if/thens in it and instead move logic to the individual point type being created. The AggrPoint in question requires a sub-point and I don't think it is appropriate to inject the entity manager into a point entity and as an alternative solution find an existing point which is associated with the account which resides in the new AggrPoint. Maybe not appropriate, but it works. This type of point also has a sub-object AggrType as discussed at the very beginning of this post, so I first attempt to create a new one from scratch, but that doesn't work and I need to set $aggrType with an existing one. As an alternative, I passed the entity the entity manager, but as stated I think this is a bad idea. Any recommendations where to go from here? Thank you
namespace NotionCommotion\PointMapper\Domain\Entity\Point;
class AggregatePoint extends Point
{
public function populate(array $params, \Doctrine\ORM\EntityManager $em):\NotionCommotion\PointMapper\Domain\Entity\Entity{
$criteria = \Doctrine\Common\Collections\Criteria::create()
->where(\Doctrine\Common\Collections\Criteria::expr()->eq("id_public", $params['pointId']));
if(!$subpoint = $this->getAccount()->getPoints()->matching($criteria)->current()){
throw new \Exception("Invalid subpoint ID $params[pointId]");
}
$this->setSubpoint($subpoint);
//This won't work since I must use an existing AggregateType and not create a new one
$aggrType=new AggregateType();
$aggrType->setType($params['aggrType']);
//This just seems wrong and I shouldn't be passing the entity manager to an entity
$aggrType=$em->getRepository(AggregateType::class)->findOneBy(['type'=>$params['aggrType']]);
$this->setAggregateType($aggrType);
unset($params['pointId'], $params['aggrType']);
// parent::populate($params) not shown, but it basically calles appropriate setters based on the property name
return parent::populate($params);
}
public function getValidatorRules():array
{
return $this->filesToArr(['/point/base.json', '/point/aggr.json']);
}
}
Hey all, I want to have an object that has a property which is an object containing instances of other objects. I try this: Code: [Select] class Blog extends Posts { public $has_posts; public function __construct($a,$b,$c){ $has_posts = (object) array_merge((array) $a, (array) $b, (array) $c); } } class Posts { public $b; public function __construct($b){ $this->b = $b; } } $post1 = new Posts(1); $post2 = new Posts(2); $post3 = new Posts(3); $blog = new Blog($post1,$post2,$post3); var_dump($blog->has_posts); //null foreach($blog->has_posts as $post){ //Invalid argument supplied for foreach() echo $post->b; } But as you see, has_posts is null, not an object containing other objects. Thanks for response. I have a Soup object in a Bowl object in a Microwave object. The Microwave object has the methods: receiveItem(Bowl $b) cookItem(???) I want the Microwave to be able to set the Soup->temperature but I'm not how to do that? Make sense? TomTees Hi I am new to PHP and I need to create an array and add both books to the array and than loop through the array this is where I am having trouble if the price of a book is less than $20.00 output the book’s name and price if the book’s title comes after the letter R in the alphabet output the book’s title. I am getting these error:
Notice: Trying to get property 'price' of non-object in C:\xampp\htdocs\PHP objects\books.php on line 45 My code is:
<?php
// Methods
$first_book = new Book();
foreach ($book as $bookItem) { Any help will be very much appreciated Thank you I dont know whether the statement is correct.....i just tried it.....and it didn't work. $stmt->bind_param('ssiiiss',$_POST['name'],$_POST['email'],$_POST['d'],$_POST['m'],$_POST['y'],$_POST['add'],$_POST['phone']); here my first two values are strings and next 2 tiny int's next is int and last 2 again strings. I have just started using MySQLi and am clueless it is giving me the follow errors in which i do not understand
Warning: mysqli_select_db() expects exactly 2 parameters, 1 given in C:\xampp\htdocs\Login\connect.php on line 23 Notice: Trying to get property of non-object in C:\xampp\htdocs\Login\connect.php on line 25 Notice: Use of undefined constant mysqli - assumed 'mysqli' in C:\xampp\htdocs\Login\connect.php on line 32 Warning: mysqli_query() expects parameter 1 to be mysqli, string given in C:\xampp\htdocs\Login\connect.php on line 32 Warning: mysql_fetch_assoc() expects parameter 1 to be resource, null given in C:\xampp\htdocs\Login\connect.php on line 33 can someone please explain to me why i am getting these? and my code is
$mysqli_db = mysqli_select_db("$db_name");
if($mysqli_db->connect_errno) {
printf("Database not found: %s\n", $mysql->connect_error);
exit();
}
$sql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'";
$result = mysqli_query($sql);
$row = mysqli_fetch_assoc($result);
I just got rid off most the errors the only ones left are
Warning: mysqli_query() expects at least 2 parameters, 1 given in C:\xampp\htdocs\Login\connect.php on line 32Fatal error: Call to undefined function mysqli_result() in C:\xampp\htdocs\Login\connect.php on line 33 Code Updated:
$mysqli_db = mysqli_select_db($mysqli_connect, $db_name);
if(!$mysqli_db) {
printf("Database not found: %s\n", $mysqli->connect_error);
exit();
}
$sql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'";
$query = mysqli_query($sql);
$result = mysqli_result($query);
$row = mysqli_fetch_assoc($result);
Edited by Tom8001, 30 November 2014 - 12:43 PM. When running the following code i get the error: Call to undefined method mysqli::errno() the code: $conn = new mysqli(HOST, USER, PASSWORD, DATABASE); if ($conn->errno() !== 0) { $msg = $conn->error(); throw new connErrorException($msg, 'Connect'); } I am fairly new to classes but as i understand it this should be correct. I am using mysql 5.1 so mysqli is on by default. I have even checked the php ini and everything looks fine there in respect to this. Any advice? Hello everyone, For two weeks now, I'm trying to get this database connection in my query. Can someone give me a solution and tell me what I've done wrong? Am I overlooking something? <?php class Mysql{ public function connect(){ $mysqli = new mysqli('localhost','root','','login'); } } class Query extends Mysql{ public function runQuery(){ $this->result = parent::connect()->query("select bla bla from bla bla"); } } $query = new Query; $query->runQuery(); ?>
The below code produces a dropdown and when a selection is made and submitted produces ---------------------------------------------------------------------------
<!DOCTYPE><html><head>
<title>lookup menu</title>
</head>
<body><center><b>
<form name="form" method="post" action="">
<?php
// error_reporting(0);
error_reporting(E_ALL ^ E_NOTICE);
include 'homedb-connect.php';
//This creates the drop down box
echo "<select name= 'target'>";
echo '<option value="">'.'--- Select account ---'.'</option>';
$query = mysqli_query($con,"SELECT target FROM lookuptbl");
$query_display = mysqli_query($con,"SELECT * FROM lookuptbl");
while($row=mysqli_fetch_array($query))
{echo "<option value='". $row['target']."'>".$row['target']
.'</option>';}
echo '</select>';
?>
<input type="submit" name="submit" value="Submit"/>
</form><center>
<?php
// error_reporting(0);
error_reporting(E_ALL ^ E_NOTICE);
include 'homedb-connect.php';
if(isset($_POST['target']))
{
$name = $_POST['target'];
$fetch="SELECT target, purpose, user, password, email, visits, date,
saved FROM lookuptbl WHERE target = '".$name."'";
$result = mysqli_query($con,$fetch);
if(!$result)
{echo "Error:".(mysqli_error($con));}
//display the table
echo '<table border="1"><tr><td bgcolor="#ccffff" align="center">lookup menu</td></tr>
<tr><td>
<table border="1">
<tr>
<td> Target </td>
<td> Purpose </td>
<td> User </td>
<td> Password </td>
<td> Email </td>
<td> Visits </td>
<td> Date </td>
<td> Saved </td>
</tr>';
while($data=mysqli_fetch_row($result))
{
$url= "http://localhost/home/crud-link.php?target=". $data[0];
$link= '<a href="'.$url.'">'. $data[0]. '</a>';
echo ("<tr><td> $link </td><td>$data[1]</td><td>$data[2]</td><td>$data[3]</td>
<td>$data[4]</td><td>$data[5]</td><td>$data[6]</td><td>$data[7]</td></tr>");
}
echo '</table>
</td></tr></table>';
}
?>
</body></html>
I am using mysqli, OO, to connect to MySQL. I have only today started looking at this and am used to: Code: [Select] <?php $con = mysql_connect();//etc mysql_close($connection); ?> Am I right that with mysqli (OO) that I don't need to set a connection variable wither when connecting or closing?? Code: [Select] <?php mysqli::connect();//etc mysqli::close(); ?> What about with multiple databases, does mysqli keep track for me, as I am used to this: Code: [Select] <?php $con1 = mysql_connect();//db1 $con2 = mysql_connect();//db2 ?> //etc hello , I'm starting to use mysqli and i have few questions. is there a guide for mysqli? and how do i use this functions at mysqli ? mysql_num_rows mysql_query mysql_fetch_assoc mysql_fetch_array thanks , Mor. Hi, The following code is what I want in that it creates a menu and I can select and display a table row.
I still need to use that selection to update the "lastused". I really appreciate your help. <!DOCTYPE><html><head><title>email menu</title></head> <body><center> <form name="form" method="post" action=""> <?php $con=mysqli_connect("localhost","root","cookie","homedb"); //============== check connection if(mysqli_errno($con)) {echo "Can't Connect to mySQL:".mysqli_connect_error();} else {echo "Connected to mySQL</br>";} //This creates the drop down box echo "<select name= 'target'>"; echo '<option value="">'.'--- Select email account ---'.'</option>'; $query = mysqli_query($con,"SELECT target FROM emailtbl"); $query_display = mysqli_query($con,"SELECT * FROM emailtbl"); while($row=mysqli_fetch_array($query)) {echo "<option value='". $row['target']."'>".$row['target'] .'</option>';} echo '</select>'; ?> <input type="submit" name="submit" value="Submit"/><!-- update "lastused" using selected "target"--> </form></body></html> <!DOCTYPE><html><head><title>email menu</title></head> <body><center> <?php $con=mysqli_connect("localhost","root","cookie","homedb"); if(mysqli_errno($con)) {echo "Can't Connect to mySQL:".mysqli_connect_error();} if(isset($_POST['target'])) { $name = $_POST['target']; $fetch="SELECT target,username,password,emailused,lastused, purpose, saved FROM emailtbl WHERE target = '".$name."'"; $result = mysqli_query($con,$fetch); if(!$result) {echo "Error:".(mysqli_error($con));} $lastused = "CURDATE()"; // update "lastused" using selected "target" //display the table echo '<table border="1">'.'<tr>'.'<td bgcolor="#ccffff align="center">'. 'Email menu'. '</td>'.'</tr>'; echo '<tr>'.'<td>'.'<table border="1">'.'<tr>'.'<td bgcolor="#ccffff align="center">'.'target'.'</td>'.'<td bgcolor="#ccffff align="center">'.'username'.'</td>'.'<td bgcolor="#ccffff align="center">'.'password'.'</td>'.'<td bgcolor="#ccffff align="center">'.'emailused'.'</td>'.'<td bgcolor="#ccffff align="center">'.'lastused'.'</td>'.'<td bgcolor="#ccffff align="center">'.'purpose'. '</td>'.'<td bgcolor="#ccffff align="center">'. 'saved' .'</td>'.'</tr>'; while($data=mysqli_fetch_row($result)) {echo ("<tr><td>$data[0]</td><td>$data[1]</td><td>$data[2]</td><td>$data[3]</td><td>$data[4]</td><td>$data[5]</td><td>$data[6]</td></tr>");} echo '</table>'.'</td>'.'</tr>'.'</table>'; } ?> </body></html> Ok I am trying to use mysqli instead of the usual mysql. Mysql would be outdated. With mysqli, sgl-injection is impossible if you use the "?" in those codes. I would normally use a function but I've made a simple script to find the error. I use $parameters and $sql because these are the data I need to give as parameters to the function, so I used it here too but without the function actually. Code: [Select] ini_set('display_errors',1); // 1 == aan , 0 == uit error_reporting(E_ALL | E_STRICT); # sql debug define('DEBUG_MODE',true); // true == aan, false == uit $userid = 11; $lang = 1; $newLink = "testing123"; $db_host = "localhost"; $db_gebruiker = "root"; $db_wachtwoord = ''; $db_naam = "projecteasywebsite"; $sql= "INSERT tbl_link(userid,linkcat,linksubid,linklang,linkactive,linktitle) VALUES(?, ?, ?, ?, ?, ?)"; $parameters = '"iiisis", $userid, 1, 0, $lang, 1, $newLink'; echo $parameters; $mysqli = new mysqli($db_host, $db_gebruiker, $db_wachtwoord, $db_naam); $stmt = $mysqli->prepare($sql); $stmt->bind_param($parameters); $stmt->execute(); echo "<br><br>". mysqli_connect_errno(); echo "<br><br>". mysqli_report(MYSQLI_REPORT_ERROR); $stmt->close(); $mysqli->close(); I got Wrong parameter count for mysqli_stmt::bind_param() So naturally a problem when we execute : Warning: mysqli_stmt::execute() [mysqli-stmt.execute]: (HY000/2031): No data supplied for parameters in prepared statement ($stmt->execute() Is someone using mysqli too ? |
|||||||