PHP - Mysql And Mysqli?
Hey.
I was writing my class object for a database connection and while I was writing the query part, I came to wonder whether I should use mysql_real_escape_string or mysqli_real_escape_string to make the query mysql friendly, what's the difference? Similar TutorialsHi, I only just worked out (a little slow) that mysql is not redundant and crap =\ Apparently I should be using mysqli.
However I need help I tried following a tutorial online but it failed. This is my login script and it doesn't work
<?php require_once '../inc/conn.php'; session_start(); if ($_POST['username']) { $username = $_POST['username']; $password = $_POST['password']; $requestLogin = mysqli_query( $retreat, "SELECT * FROM login WHERE username='$username' AND password='$password'"); while($row = mysqli_fetch_array($requestLogin)){ $userID = $row['userID']; $_SESSION['userID'] = $userID; $username = $row['username']; $_SESSION['username'] = $username; header('location: /administrator/'); } } ?>And this is the conn.php ( something hidden for safety, however it does connect correctly. <?php $hostname = 'localhost'; $username = ''; $password = ''; $database = ''; $retreat = mysqli_connect($hostname, $username, $password, $database) or die('Connecting to MySQL failed'); ?>The actual <form> is also correct as it's just normal html and worked before I tried converting to mysqli. After this login I have a script which is this that goes in the header of all admin pages. <?php require_once '../inc/conn.php'; session_start(); if (isset($_SESSION['userID'])) { $username = $_SESSION['username']; $getUser = mysqli_query( $retreat, "SELECT user_rights FROM login WHERE username='$username'"); while($row = mysqli_fetch_array($getUser)){ $user_rights = $row['user_rights']; } } else { include_once 'login.php'; exit(); } ?>I am no coding professional by any means but I get the job done. However this mysqli is sort of new ground. Hello, I've been tasked with updating our code base from mysql to something that will work with php 7. It's older code that was written by 2 or 3 individuals before me and it's not at all object oriented. There are about 540 different files that I will end up having to edit to make it all up to date. I'm not a very experienced programmer myself, and I'm in need of some guidance. There are some files that have functions that call and use mysql queries three or four files deep and going through and editing one function leads me to having to update 4 or 5 other files which breaks stuff somewhere else down the road. I was wondering if anyone has some suggestions on ways to make this process less painful. The other thing is that by using PDO in a not OO style, it seems like I'm losing a lot of its benefits. Should I consider using MYSQLi instead of PDO considering the circumstances? Are there any resources that you could point me to in order to help me learn the skills I need to make it through this upgrade? Thanks for the help! Alright guys, I see people recommending prepared statements (PDO/MySQLi) and saying that they are way to go these days. However upon doing a bit more research, I've found that prepared statements, PDO in particular, is lacking in terms of performance, especially using SELECT statements. Now I'm starting a new project, which is basically a text based game with lots of queries and DB interaction, so I'm really interested in knowing what's the best approach for me. I was leaning towards PDO but I don't want it crawling my server under heavy load. I appreciate any advices or first hand experiences on this. Hello (I think I could have posted this in the wrong PHP area! - so posting it here),
I'm pretty new at building websites using php (and mysql) and was most recently given the task to create a database image gallery, which was to be accessed through a php website.
I made a full site which allowed me to upload said images & it worked perfectly. However after doing my last checks I have been told that mysql is deprecated and that I need to use mysqli.
I've had a look at some tutorials on websites to help direct me but it's simply confusing me more and more each time I look at it.
Is it possible I am over thinking this and there is an easier way to approach it?
Thank you kindly.
This is my php code:
On the mainpage I am getting this error:
Fatal error: Call to a member function query() on a non-object in C:\xampp\htdocs\page\controller\function.php on line 393
$result = $db->query($query);And on the admin section: Notice: Undefined index: role in C:\xampp\htdocs\page\admin\header.php on line 7 Notice: Undefined index: role in C:\xampp\htdocs\page\admin\header.php on line 7 Fatal error: Undefined class constant 'site_url' in C:\xampp\htdocs\page\admin\header.php on line 8 if ($_SESSION['role'] !== 'admin' and $_SESSION['role'] !== 'moderator'){header( 'Location:'.config::site_url.'index.php' ); Hi, I am trying to convert the register & login script from mysql to mysqli. I have converted the easy parts and have the connection to the database, but the following functions all need changing and I can't work out the correct solution mainly due to the deprecation of mysql_result() The code that needs updating is <?php function user_count() { return mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `active` = 1"), 0); } function users_online() { return mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `logged_in` = 1"), 0); } function change_profile_image($user_id, $file_temp, $file_extn) { $file_path = 'images/profile/' . substr(md5(time()), 0, 10) . '.' . $file_extn; move_uploaded_file($file_temp, $file_path); mysql_query("UPDATE `users` SET `profile` = '" . mysql_real_escape_string($file_path) . "' WHERE `user_id` = " . (int)$user_id); } function has_access($user_id, $type) { $user_id = (int)$user_id; $type = (int)$type; return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_id` = $user_id AND `type` = $type"), 0) == 1) ? true : false; } function activate($email, $email_code) { $email = mysql_real_escape_string($email); $email_code = mysql_real_escape_string($email_code); if (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email' AND `email_code` = '$email_code' AND `active` = 0"), 0) == 1) { mysql_query("UPDATE `users` SET `active` = 1 WHERE `email` = '$email'"); return true; } else { return false; } } function user_exists($username) { $username = sanitize($username); $query = mysql_query("SELECT COUNT('user_id') FROM `users` WHERE `username` = '$username'"); return (mysql_result($query, 0) == 1) ? true : false; } function email_exists($email) { $email = sanitize($email); return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email'"), 0) == 1) ? true : false; } function user_id_from_username($username) { $username = sanitize($username); return mysql_result(mysql_query("SELECT `user_id` FROM `users` WHERE `username` = '$username'"), 0, 'user_id'); } function user_id_from_email($email) { $email = sanitize($email); return mysql_result(mysql_query("SELECT `user_id` FROM `users` WHERE `email` = '$email'"), 0, 'user_id'); } function login($username, $password) { $user_id = user_id_from_username($username); mysql_query("UPDATE `users` SET `logged_in` = 1 WHERE `user_id` = $user_id"); $username = sanitize($username); $password = md5($password); return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `password` = '$password'"), 0) == 1) ? $user_id : false; } ?>And here is what the converter gave me: function user_count() { return mysql_result(mysqli_query($GLOBALS["___mysqli_ston"], "SELECT COUNT(`user_id`) FROM `users` WHERE `active` = 1"), 0); } function users_online() { return mysql_result(mysqli_query($GLOBALS["___mysqli_ston"], "SELECT COUNT(`user_id`) FROM `users` WHERE `logged_in` = 1"), 0); } function change_profile_image($user_id, $file_temp, $file_extn) { $file_path = 'images/profile/' . substr(md5(time()), 0, 10) . '.' . $file_extn; move_uploaded_file($file_temp, $file_path); mysql_query("UPDATE `users` SET `profile` = '" . mysql_real_escape_string($file_path) . "' WHERE `user_id` = " . (int)$user_id); } function has_access($user_id, $type) { $user_id = (int)$user_id; $type = (int)$type; return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_id` = $user_id AND `type` = $type"), 0) == 1) ? true : false; } function activate($email, $email_code) { $email = mysql_real_escape_string($email); $email_code = mysql_real_escape_string($email_code); if (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email' AND `email_code` = '$email_code' AND `active` = 0"), 0) == 1) { mysql_query("UPDATE `users` SET `active` = 1 WHERE `email` = '$email'"); return true; } else { return false; } } function user_exists($username) { $username = sanitize($username); $query = mysql_query("SELECT COUNT('user_id') FROM `users` WHERE `username` = '$username'"); return (mysql_result($query, 0) == 1) ? true : false; } function email_exists($email) { $email = sanitize($email); return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email'"), 0) == 1) ? true : false; } function user_id_from_username($username) { $username = sanitize($username); return mysql_result(mysql_query("SELECT `user_id` FROM `users` WHERE `username` = '$username'"), 0, 'user_id'); } function user_id_from_email($email) { $email = sanitize($email); return mysql_result(mysql_query("SELECT `user_id` FROM `users` WHERE `email` = '$email'"), 0, 'user_id'); } function login($username, $password) { $user_id = user_id_from_username($username); mysql_query("UPDATE `users` SET `logged_in` = 1 WHERE `user_id` = $user_id"); $username = sanitize($username); $password = md5($password); return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `password` = '$password'"), 0) == 1) ? $user_id : false; } ?>Please could someone point me in the right direction here? Also my site works perfectly well with MySQL, do I have to convert it to MySQLi? Many Thanks Paul If anyone knows how to solve this, it would be much appreciated. I already have a website template and would prefer to continue with mysqli instead of PDO. Many Thanks Paul I'm a beginner here and i am learning the basic in converting from MySQL to MySQLi. I am currently working on this registration page which I would want to convert to MySQLi. Please advise me how to modify this script, I would prefer the procedural style.
The MySQLi coding is not working because it would notg insert into the database like the MySQL coding would, would appreciate if your can help me.
MYSQL
<?php error_reporting(1); $submit = $_POST['submit']; //form data $name = mysql_real_escape_string($_POST['name']); $name2 = mysql_real_escape_string($_POST['name2']); $email = mysql_real_escape_string($_POST['email']); $password = mysql_real_escape_string($_POST['password']); $password2 = mysql_real_escape_string($_POST['password2']); $email2 = mysql_real_escape_string($_POST['email2']); $address = mysql_real_escape_string($_POST['address']); $address2 = mysql_real_escape_string($_POST['address2']); $address3 = mysql_real_escape_string($_POST['address3']); $address4 = mysql_real_escape_string($_POST['address4']); $error = array(); if ($submit) { //open database $connect = mysql_connect("localhost", "root", "Passw0rd") or die("Connection Error"); //select database mysql_select_db("logindb") or die("Selection Error"); //namecheck $namecheck = mysql_query("SELECT * FROM users WHERE email='{$email}'"); $count = mysql_num_rows($namecheck); if($count==0) { } else { if($count==1) { $error[] = "<p><b>User ID taken. Try another?</b></p>"; } } //check for existance if($name&&$name2&&$email&&$password&&$password2&&$email2&&$address&&$address2&&$address3&&$address4) { if(strlen($password)<8) { $error[] = "<p><b>Password must be least 8 characters</b></p>"; } if(!preg_match("#[A-Z]+#",$password)) { $error[] = "<p><b>Password must have at least 1 upper case characters</b></p>"; } if(!preg_match("#[0-9]+#",$password)) { $error[] = "<p><b>Password must have at least 1 number</b></p>"; } if(!preg_match("#[\W]+#",$password)) { $error[] = "<p><b>Password must have at least 1 symbol</b></p>"; } //encrypt password $password = sha1($password); $password2 = sha1($password2); if($_POST['password'] != $_POST['password2']) { $error[] = "<p><b>Password does not match</b></p>"; } //rescue email match check if($_POST['email2'] == $_POST['email']) { $error[] = "<p><b>Rescue Email must not be the same as User ID</b></p>"; } //generate random code $random = rand(11111111,99999999); //check for error messages if(isset($error)&&!empty($error)) { implode($error); } else { //Registering to database $queryreg = mysql_query("INSERT INTO users VALUES ('','$name','$name2','$email','$password','$password2','$email2','$address','$address2','$address3','$address4','$random','0')"); $lastid = mysql_insert_id(); echo "<meta http-equiv='refresh' content='0; url=Activate.php?id=$lastid&code=$random'>"; die (); } } } ?>MYSQLi (NOT WORKING AFTER CONVERTING) <?php error_reporting(1); $submit = $_POST['submit']; //form data $name = mysqli_real_escape_string($connect, $_POST['name']); $name2 = mysqli_real_escape_string($connect, $_POST['name2']); $email = mysqli_real_escape_string($connect, $_POST['email']); $password = mysqli_real_escape_string($connect, $_POST['password']); $password2 = mysqli_real_escape_string($connect, $_POST['password2']); $email2 = mysqli_real_escape_string($connect, $_POST['email2']); $address = mysqli_real_escape_string($connect, $_POST['address']); $address2 = mysqli_real_escape_string($connect, $_POST['address2']); $address3 = mysqli_real_escape_string($connect, $_POST['address3']); $address4 = mysqli_real_escape_string($connect, $_POST['address4']); $error = array(); if ($submit) { //open database $connect = mysqli_connect("localhost", "root", "Passw0rd", "logindb") or die("Connection Error"); //namecheck $namecheck = mysqli_query($connect, "SELECT * FROM users WHERE email='{$email}'"); $count = mysqli_num_rows($namecheck); if($count==0) { } else { if($count==1) { $error[] = "<p><b>User ID taken. Try another?</b></p>"; } } //check for existance if($name&&$name2&&$email&&$password&&$password2&&$email2&&$address&&$address2&&$address3&&$address4) { if(strlen($password)<8) { $error[] = "<p><b>Password must be least 8 characters</b></p>"; } if(!preg_match("#[A-Z]+#",$password)) { $error[] = "<p><b>Password must have at least 1 upper case characters</b></p>"; } if(!preg_match("#[0-9]+#",$password)) { $error[] = "<p><b>Password must have at least 1 number</b></p>"; } if(!preg_match("#[\W]+#",$password)) { $error[] = "<p><b>Password must have at least 1 symbol</b></p>"; } //encrypt password $password = sha1($password); $password2 = sha1($password2); if($_POST['password'] != $_POST['password2']) { $error[] = "<p><b>Password does not match</b></p>"; } //rescue email match check if($_POST['email2'] == $_POST['email']) { $error[] = "<p><b>Rescue Email must not be the same as User ID</b></p>"; } //generate random code $random = rand(11111111,99999999); //check for error messages if(isset($error)&&!empty($error)) { implode($error); } else { //Registering to database $queryreg = mysqli_query($connect, "INSERT INTO users VALUES ('','$name','$name2','$email','$password','$password2','$email2','$address','$address2','$address3','$address4','$random','0')"); $lastid = mysqli_insert_id(); echo "<meta http-equiv='refresh' content='0; url=Activate.php?id=$lastid&code=$random'>"; die (); } } } ?> Hi there,
I'm new to all this so I've been following instructions from various sites and books. So far I have installed Apache, PHP and mysql, however when I browse to localhost/test.php (created to view phpinfo() through the browser) i can't see mysql or mysqli only the mysqlnd.
Here is an overview of software I've installed, OS and things I've added so far;
OS ver Windows7 Professional 32-bit VM how i can make a insert using this fuctions I m learning php, as using this functions (mysqli abstract) but after update wont work any more.
/** insert data array */ public function insert(array $arr) { if ($arr) { $q = $this->make_insert_query($arr); $return = $this->modifying_query($q); $this->autoreset(); return $return; } else { $this->autoreset(); return false; } }complement /** insert query constructor */ protected function make_insert_query($data) { $this->get_table_info(); $this->set_field_types(); if (!is_array(reset($data))) { $data = array($data); } $keys = array(); $values = array(); $keys_set = false; foreach ($data as $data_key => $data_item) { $values[$data_key] = array(); $fdata = $this->parse_field_names($data); foreach ($fdata as $key => $val) { if (!$keys_set) { if (isset($this->field_type[$key])) { $keys[] = '`' . $val['table'] . '`.`' . $val['field'] . '`'; } else { $keys[] = '`' . $val['field'] . '`'; } } $values[$data_key][] = $this->escape($val['value'], $this->is_noquotes($key), $this->field_type($key), $this->is_null($key), $this->is_bit($key)); } $keys_set = true; $values[$data_key] = '(' . implode(',', $values[$data_key]) . ')'; } $ignore = $this->ignore ? ' IGNORE' : ''; $delayed = $this->delayed ? ' DELAYED' : ''; $query = 'INSERT' . $ignore . $delayed . ' INTO `' . $this->table . '` (' . implode(',', $keys) . ') VALUES ' . implode(',', $values); return $query; }before update this class i used to insert data like this $db = Sdba::table('users'); $data = array('name'=>'adam'); $db->insert($data);this method of insert dont works on new class. if i try like this i got empty columns and empty values. thanks for any help complete class download http://goo.gl/GK3s4E I have a prepared statement class for MYSQL, since in PHP 5 this is now changing to mysqli; I'm looking for some help in changing the code from my existing class to the new mysqli.
I have done some research online about changing from mysql to mysqli but the changes I made seems to only cause issues with connecting to the database.
After many hours of changing the existing file using the research online, I've decided to start again and ask others if they would be ever so kind to help this noob out and point out which parts of the script needs to be changed.
Thank you for reading.
<?php class Database { private $host; private $user; private $pass; private $name; private $link; private $error; private $errno; private $query; function __construct($host, $user, $pass, $name = "", $conn = 1) { $this -> host = $host; $this -> user = $user; $this -> pass = $pass; if (!empty($name)) $this -> name = $name; if ($conn == 1) $this -> connect(); } function __destruct() { @mysql_close($this->link); } public function connect() { if ($this -> link = mysql_connect($this -> host, $this -> user, $this -> pass, TRUE)) { if (!empty($this -> name)) { if (!mysql_select_db($this -> name, $this->link)) $this -> exception("Could not connect to the database!"); } } else { $this -> exception("Could not create database connection!"); } } public function close() { @mysql_close($this->link); } public function query($sql) { if ($this->query = @mysql_query($sql, $this->link)) { return $this->query; } else { $this->exception("Could not query database!"); return false; } } public function num_rows($qid) { if (empty($qid)) { $this->exception("Could not get number of rows because no query id was supplied!"); return false; } else { return mysql_num_rows($qid); } } public function fetch_array($qid) { if (empty($qid)) { $this->exception("Could not fetch array because no query id was supplied!"); return false; } else { $data = mysql_fetch_array($qid); } return $data; } public function fetch_array_assoc($qid) { if (empty($qid)) { $this->exception("Could not fetch array assoc because no query id was supplied!"); return false; } else { $data = mysql_fetch_array($qid, MYSQL_ASSOC); } return $data; } public function fetch_object($qid) { if (empty($qid)) { $this->exception("Could not fetch object assoc because no query id was supplied!"); return false; } else { $data = mysql_fetch_object($qid); } return $data; } public function fetch_all_array($sql, $assoc = true) { $data = array(); if ($qid = $this->query($sql)) { if ($assoc) { while ($row = $this->fetch_array_assoc($qid)) { $data[] = $row; } } else { while ($row = $this->fetch_array($qid)) { $data[] = $row; } } } else { return false; } return $data; } public function last_id() { if ($id = mysql_insert_id()) { return $id; } else { return false; } } private function exception($message) { if ($this->link) { $this->error = mysql_error($this->link); $this->errno = mysql_errno($this->link); } else { $this->error = mysql_error(); $this->errno = mysql_errno(); } if (PHP_SAPI !== 'cli') { ?> <div class="alert-bad"> <div> Database Error </div> <div> Message: <?php echo $message; ?> </div> <?php if (strlen($this->error) > 0): ?> <div> <?php echo $this->error; ?> </div> <?php endif; ?> <div> Script: <?php echo @$_SERVER['REQUEST_URI']; ?> </div> <?php if (strlen(@$_SERVER['HTTP_REFERER']) > 0): ?> <div> <?php echo @$_SERVER['HTTP_REFERER']; ?> </div> <?php endif; ?> </div> <?php } else { echo "MYSQL ERROR: " . ((isset($this->error) && !empty($this->error)) ? $this->error:'') . "\n"; }; } } ?> Hello everyone, For two weeks now, I'm trying to get this database connection in my query. Can someone give me a solution and tell me what I've done wrong? Am I overlooking something? <?php class Mysql{ public function connect(){ $mysqli = new mysqli('localhost','root','','login'); } } class Query extends Mysql{ public function runQuery(){ $this->result = parent::connect()->query("select bla bla from bla bla"); } } $query = new Query; $query->runQuery(); ?>
The below code produces a dropdown and when a selection is made and submitted produces --------------------------------------------------------------------------- <!DOCTYPE><html><head> <title>lookup menu</title> </head> <body><center><b> <form name="form" method="post" action=""> <?php // error_reporting(0); error_reporting(E_ALL ^ E_NOTICE); include 'homedb-connect.php'; //This creates the drop down box echo "<select name= 'target'>"; echo '<option value="">'.'--- Select account ---'.'</option>'; $query = mysqli_query($con,"SELECT target FROM lookuptbl"); $query_display = mysqli_query($con,"SELECT * FROM lookuptbl"); while($row=mysqli_fetch_array($query)) {echo "<option value='". $row['target']."'>".$row['target'] .'</option>';} echo '</select>'; ?> <input type="submit" name="submit" value="Submit"/> </form><center> <?php // error_reporting(0); error_reporting(E_ALL ^ E_NOTICE); include 'homedb-connect.php'; if(isset($_POST['target'])) { $name = $_POST['target']; $fetch="SELECT target, purpose, user, password, email, visits, date, saved FROM lookuptbl WHERE target = '".$name."'"; $result = mysqli_query($con,$fetch); if(!$result) {echo "Error:".(mysqli_error($con));} //display the table echo '<table border="1"><tr><td bgcolor="#ccffff" align="center">lookup menu</td></tr> <tr><td> <table border="1"> <tr> <td> Target </td> <td> Purpose </td> <td> User </td> <td> Password </td> <td> Email </td> <td> Visits </td> <td> Date </td> <td> Saved </td> </tr>'; while($data=mysqli_fetch_row($result)) { $url= "http://localhost/home/crud-link.php?target=". $data[0]; $link= '<a href="'.$url.'">'. $data[0]. '</a>'; echo ("<tr><td> $link </td><td>$data[1]</td><td>$data[2]</td><td>$data[3]</td> <td>$data[4]</td><td>$data[5]</td><td>$data[6]</td><td>$data[7]</td></tr>"); } echo '</table> </td></tr></table>'; } ?> </body></html>
hello , I'm starting to use mysqli and i have few questions. is there a guide for mysqli? and how do i use this functions at mysqli ? mysql_num_rows mysql_query mysql_fetch_assoc mysql_fetch_array thanks , Mor. I have just started using MySQLi and am clueless it is giving me the follow errors in which i do not understand
Warning: mysqli_select_db() expects exactly 2 parameters, 1 given in C:\xampp\htdocs\Login\connect.php on line 23 Notice: Trying to get property of non-object in C:\xampp\htdocs\Login\connect.php on line 25 Notice: Use of undefined constant mysqli - assumed 'mysqli' in C:\xampp\htdocs\Login\connect.php on line 32 Warning: mysqli_query() expects parameter 1 to be mysqli, string given in C:\xampp\htdocs\Login\connect.php on line 32 Warning: mysql_fetch_assoc() expects parameter 1 to be resource, null given in C:\xampp\htdocs\Login\connect.php on line 33 can someone please explain to me why i am getting these? and my code is $mysqli_db = mysqli_select_db("$db_name"); if($mysqli_db->connect_errno) { printf("Database not found: %s\n", $mysql->connect_error); exit(); } $sql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'"; $result = mysqli_query($sql); $row = mysqli_fetch_assoc($result);I just got rid off most the errors the only ones left are Warning: mysqli_query() expects at least 2 parameters, 1 given in C:\xampp\htdocs\Login\connect.php on line 32 Fatal error: Call to undefined function mysqli_result() in C:\xampp\htdocs\Login\connect.php on line 33 Code Updated: $mysqli_db = mysqli_select_db($mysqli_connect, $db_name); if(!$mysqli_db) { printf("Database not found: %s\n", $mysqli->connect_error); exit(); } $sql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'"; $query = mysqli_query($sql); $result = mysqli_result($query); $row = mysqli_fetch_assoc($result); Edited by Tom8001, 30 November 2014 - 12:43 PM. I dont know whether the statement is correct.....i just tried it.....and it didn't work. $stmt->bind_param('ssiiiss',$_POST['name'],$_POST['email'],$_POST['d'],$_POST['m'],$_POST['y'],$_POST['add'],$_POST['phone']); here my first two values are strings and next 2 tiny int's next is int and last 2 again strings. Hi, The following code is what I want in that it creates a menu and I can select and display a table row.
I still need to use that selection to update the "lastused". I really appreciate your help. <!DOCTYPE><html><head><title>email menu</title></head> <body><center> <form name="form" method="post" action=""> <?php $con=mysqli_connect("localhost","root","cookie","homedb"); //============== check connection if(mysqli_errno($con)) {echo "Can't Connect to mySQL:".mysqli_connect_error();} else {echo "Connected to mySQL</br>";} //This creates the drop down box echo "<select name= 'target'>"; echo '<option value="">'.'--- Select email account ---'.'</option>'; $query = mysqli_query($con,"SELECT target FROM emailtbl"); $query_display = mysqli_query($con,"SELECT * FROM emailtbl"); while($row=mysqli_fetch_array($query)) {echo "<option value='". $row['target']."'>".$row['target'] .'</option>';} echo '</select>'; ?> <input type="submit" name="submit" value="Submit"/><!-- update "lastused" using selected "target"--> </form></body></html> <!DOCTYPE><html><head><title>email menu</title></head> <body><center> <?php $con=mysqli_connect("localhost","root","cookie","homedb"); if(mysqli_errno($con)) {echo "Can't Connect to mySQL:".mysqli_connect_error();} if(isset($_POST['target'])) { $name = $_POST['target']; $fetch="SELECT target,username,password,emailused,lastused, purpose, saved FROM emailtbl WHERE target = '".$name."'"; $result = mysqli_query($con,$fetch); if(!$result) {echo "Error:".(mysqli_error($con));} $lastused = "CURDATE()"; // update "lastused" using selected "target" //display the table echo '<table border="1">'.'<tr>'.'<td bgcolor="#ccffff align="center">'. 'Email menu'. '</td>'.'</tr>'; echo '<tr>'.'<td>'.'<table border="1">'.'<tr>'.'<td bgcolor="#ccffff align="center">'.'target'.'</td>'.'<td bgcolor="#ccffff align="center">'.'username'.'</td>'.'<td bgcolor="#ccffff align="center">'.'password'.'</td>'.'<td bgcolor="#ccffff align="center">'.'emailused'.'</td>'.'<td bgcolor="#ccffff align="center">'.'lastused'.'</td>'.'<td bgcolor="#ccffff align="center">'.'purpose'. '</td>'.'<td bgcolor="#ccffff align="center">'. 'saved' .'</td>'.'</tr>'; while($data=mysqli_fetch_row($result)) {echo ("<tr><td>$data[0]</td><td>$data[1]</td><td>$data[2]</td><td>$data[3]</td><td>$data[4]</td><td>$data[5]</td><td>$data[6]</td></tr>");} echo '</table>'.'</td>'.'</tr>'.'</table>'; } ?> </body></html> When running the following code i get the error: Call to undefined method mysqli::errno() the code: $conn = new mysqli(HOST, USER, PASSWORD, DATABASE); if ($conn->errno() !== 0) { $msg = $conn->error(); throw new connErrorException($msg, 'Connect'); } I am fairly new to classes but as i understand it this should be correct. I am using mysql 5.1 so mysqli is on by default. I have even checked the php ini and everything looks fine there in respect to this. Any advice? I am using mysqli, OO, to connect to MySQL. I have only today started looking at this and am used to: Code: [Select] <?php $con = mysql_connect();//etc mysql_close($connection); ?> Am I right that with mysqli (OO) that I don't need to set a connection variable wither when connecting or closing?? Code: [Select] <?php mysqli::connect();//etc mysqli::close(); ?> What about with multiple databases, does mysqli keep track for me, as I am used to this: Code: [Select] <?php $con1 = mysql_connect();//db1 $con2 = mysql_connect();//db2 ?> //etc Ok I am trying to use mysqli instead of the usual mysql. Mysql would be outdated. With mysqli, sgl-injection is impossible if you use the "?" in those codes. I would normally use a function but I've made a simple script to find the error. I use $parameters and $sql because these are the data I need to give as parameters to the function, so I used it here too but without the function actually. Code: [Select] ini_set('display_errors',1); // 1 == aan , 0 == uit error_reporting(E_ALL | E_STRICT); # sql debug define('DEBUG_MODE',true); // true == aan, false == uit $userid = 11; $lang = 1; $newLink = "testing123"; $db_host = "localhost"; $db_gebruiker = "root"; $db_wachtwoord = ''; $db_naam = "projecteasywebsite"; $sql= "INSERT tbl_link(userid,linkcat,linksubid,linklang,linkactive,linktitle) VALUES(?, ?, ?, ?, ?, ?)"; $parameters = '"iiisis", $userid, 1, 0, $lang, 1, $newLink'; echo $parameters; $mysqli = new mysqli($db_host, $db_gebruiker, $db_wachtwoord, $db_naam); $stmt = $mysqli->prepare($sql); $stmt->bind_param($parameters); $stmt->execute(); echo "<br><br>". mysqli_connect_errno(); echo "<br><br>". mysqli_report(MYSQLI_REPORT_ERROR); $stmt->close(); $mysqli->close(); I got Wrong parameter count for mysqli_stmt::bind_param() So naturally a problem when we execute : Warning: mysqli_stmt::execute() [mysqli-stmt.execute]: (HY000/2031): No data supplied for parameters in prepared statement ($stmt->execute() Is someone using mysqli too ? Greeting all. I am brand new to the forum and I would like to ask a question regarding mysqli. I am not certain why the following code works: Code: [Select] ... $sqlCmd = "select * from usrdata"; $rs = $mysqli->query($sqlCmd); ... and the following code gives me a 500 internal error: Code: [Select] ... $sqlCmd = "select * from usrdata"; $result= dbQuery($sqlCmd); ... function dbQuery($sqlCmd){ $rt = array(); $rs = $mysqli->query($sqlCmd); while($row = $rs->fetch_assoc ()){ $rt[] = $row; } return 'records: ' . json_encode($rt); } The error occurs on the mysqli->query. Thanks for any help. Cheers! |