|
PHP - Database Connect Page - Private?
Hey all, I'm sure this is a really basic question but I'd like a definite answer. I've been watching a tutorial and seeing some site references regarding connecting to a sql database using php. Since it contains a password to the database, my question is, how secure is this page on a webserver, or does it not even matter since the code is so specific to the website and the database it is connecting to.
Thank you in advance. Similar Tutorialshey I need this to connect to my database on my sybase sql server, but no matter what i try, it won't populate the plunum field. Any help would be appreciated. Here is my HTML code: Code: [Select] <html> <head> <title>helloscan</title> <meta http-equiv="refresh" content="18"> <meta http-equiv="scanner" content="javascript:doScan('%s');"/> <meta http-equiv="scanner" content="start"/> <META HTTP-Equiv="scanner" Content="enabled" /> <META HTTP-Equiv="scanner" Content="AutoEnter:Enabled"/> <meta http-equiv="keycapture" content="accelerate:all" /> <meta http-equiv="keycapture" content="keyvalue:0x0D; dispatch=true; keyevent:url('javascript:mykeypressed();')" /> <meta http-equiv="quitbutton" content="visibility: visible;"/> <script language="javascript" type="text/javascript"> function doScan(data){ var divEl = ("%s"); } function enablescanner(enable){ Generic.InvokeMetaFunction('scanner', 'start'); Generic.InvokeMetaFunction('scanner', 'enabled'); Generic.InvokeMetaFunction('scanner', 'autoenter:enabled'); } </script> <script> function get_plunum(){ xmlhttp=ajaxfunction(); if (xmlhttp==null) { alert ("no ajax support"); return; } var ae_xrefnum = document.getelementbyid('ae_xrefnum').value; var ae_plunum = document.getelementbyid('ae_plunum').value; var querystring = "?ae_xrefnum=" + xrefnum + "&ae_plunum="+ plunum"; xmlhttp.onreadystatechange = function (){ if (xmlhttp.readystate == 4 || xmlhttp.readystate=="comlete"){ document.myform.ae_plunum.value = xmlHttp.responseText; } } xmlhttp.open("GET", "helloscan2.php"+querystring, true); xmlhttp.send(null); } function ajaxfunction(){ var xmlhttp=null; try {// code for IE7+, Firefox, Chrome, Opera, Safari xmlhttp=new XMLHttpRequest(); } catch (err) {// code for IE6, IE5 xmlhttp=new ActiveXObject("Microsoft.XMLHTTP"); } return xmlhttp; } </script> </head> <body onload="enablescanner(true)"> <h3 align="center"><center><img src="ac moore" /></center>Please scan a barcode...</h3> <form name="myform"> ItemBarcode: <input type="text" id="ae_xrefnum" name="ae_xrefnum" itembarcode="divE1" oninput="get_plunum()" /> plunum: <input type="text" id="ae_plunum" name"ae_plunum" oninput="get_price()"/> </form> <script language=javascript> { document.myform.ae_xrefnum.focus(); } </script> </body> </html> And Here is my PHP code: Code: [Select] <?php //================================================================ // Configure connection parameters $db_host = "97.0.40.244, 1498"; $db_server_name = "ACMSQL036A"; $db_name = "backoff.db"; $db_file = 'd:\trvbkup\DB'; $db_conn_name = "php_script"; $db_user = "dba"; $db_pass = "sql"; //================================================================ $connect_string = "Driver={Adaptive Server Anywhere 8.0};". "CommLinks=tcpip(Host=$db_host);". "ServerName=$db_server_name;". "DatabaseName=$db_name;". "DatabaseFile=$db_file;". "ConnectionName=$db_conn_name;". "uid=$db_user;pwd=$db_pass"; // Connect to DB $conn = odbc_connect($connect_string,'',''); // Query $qry = "SELECT xrefnum, plunum FROM DBA.PLU_Cross_Ref where xrefnum = '$xrefnum'"; // Get Result $result = odbc_exec($conn,$qry); // Get Data From Result while ($row[] = odbc_fetch_array($result)); // Free Result odbc_free_result($result); // Close Connection odbc_close($conn); // Show data print_r($row[plunum]); //================================================================ ?> for some reason my database will not connect, here's the code: Code: [Select] <?php require("mstr_ref2.php"); function parseToXML($htmlStr) { $xmlStr=str_replace('<','<',$htmlStr); $xmlStr=str_replace('>','>',$xmlStr); $xmlStr=str_replace('"','"',$xmlStr); $xmlStr=str_replace("'",'&#39;',$xmlStr); $xmlStr=str_replace("&",'&',$xmlStr); return $xmlStr; } // Opens a connection to a MySQL server $connection=mysql_connect (localhost, $username, $password); if (!$connection) { die('Not connected : ' . mysql_error()); } // Set the active MySQL database $db_selected = mysql_select_db($database, $connection); if (!$db_selected) { die ('Can\'t use db : ' . mysql_error()); } // Select all the rows in the markers table $query = "SELECT * FROM markers WHERE 1"; $result = mysql_query($query); if (!$result) { die('Invalid query: ' . mysql_error()); } header("Content-type: text/xml"); // Start XML file, echo parent node echo '<markers>'; // Iterate through the rows, printing XML nodes for each while ($row = @mysql_fetch_assoc($result)){ // ADD TO XML DOCUMENT NODE echo '<marker '; echo 'name="' . parseToXML($row['name']) . '" '; echo 'address="' . parseToXML($row['address']) . '" '; echo 'lat="' . $row['lat'] . '" '; echo 'lng="' . $row['lng'] . '" '; echo 'type="' . $row['type'] . '" '; echo '/>'; } // End XML file echo '</markers>'; ?> I think there is something wrong with this line of code. Where it says 'locat host' im not too sure about that because im not connecting to a local host, so what can i put in there instead?i think that is the problem. Code: [Select] $connection=mysql_connect (localhost, $username, $password); This is the error I get: Code: [Select] Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'a2221438'@'localhost' (using password: NO) in /home/a2221438/public_html/map.php on line 44 hi i m new to php and i m working on a project in which i m configuring a mail server using Mdeamon 9.5....... In Mdeamon 9.5 users are create by hand but i want to create user online as they sign up and their account will create as abc@mycompany.com and thier inbox created. So i want when user is sign up online and new entries will added to SQL database which trigger the Mdeamon to create a new user is it possible????? If YES then how can i do it..................... Thnx in advance for help.................. This is my first post so please correct me if somethings wrong Basically im creating a shopping cart with the help of a guide but there is no database written in the guide so i'm not sure how to proceed. My database wont work... Guide: https://jameshamilto...g-cart-tutorial Error message http://gyazo.com/a20...b096b7727410dfd Index:
<?php session_start(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="description" content="PHP Shopping Cart Using Sessions" />
<meta name="keywords" content="shopping cart tutorial, shopping cart, php, sessions" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" media="all" href="/style/style.css" type="text/css" />
<title>Cart</title>
<?php
//connect to your database here
$sql = 'SELECT * FROM books ORDER BY id';
$output[] = '<ul>';
$output[] = '<li>"'.$row['title'].'" by '.$row['author'].': £'.$row['price'].'<br /><a href="cart.php?action=add&id='.$row['id'].'">Add to cart</a></li>';
//connect mysql
mysql_connect($server, $user, $pass) or die ("Sorry, can't conect to mysql.");
//select db
mysql_select_db($db) or die ("Sorry cant select the db.");
?>
</head>
<body>
<?php
$product_id = $_GET[id]; //the product id from the URL
$action = $_GET[action]; //the action from the URL
//if there is an product_id and that product_id doesn't exist display an error message
if($product_id && !productExists($product_id)) {
die("Error. Product Doesn't Exist");
}
switch($action) { //decide what to do
case "add":
$_SESSION['cart'][$product_id]++; //add one to the quantity of the product with id $product_id
break;
case "remove":
$_SESSION['cart'][$product_id]--; //remove one from the quantity of the product with id $product_id
if($_SESSION['cart'][$product_id] == 0) unset($_SESSION['cart'][$product_id]); //if the quantity is zero, remove it completely (using the 'unset' function) - otherwise is will show zero, then -1, -2 etc when the user keeps removing items.
break;
case "empty":
unset($_SESSION['cart']); //unset the whole cart, i.e. empty the cart.
break;
}
?>
<?php
if($_SESSION['cart']) { //if the cart isn't empty
//show the cart
echo "<table border=\"1\" padding=\"3\" width=\"40%\">"; //format the cart using a HTML table
//iterate through the cart, the $product_id is the key and $quantity is the value
foreach($_SESSION['cart'] as $product_id => $quantity) {
//get the name, description and price from the database - this will depend on your database implementation.
//use sprintf to make sure that $product_id is inserted into the query as a number - to prevent SQL injection
$sql = sprintf("SELECT name, description, price FROM php_shop_products WHERE id = %d;",
$product_id);
$result = mysql_query($sql);
//Only display the row if there is a product (though there should always be as we have already checked)
if(mysql_num_rows($result) > 0) {
list($name, $description, $price) = mysql_fetch_row($result);
$line_cost = $price * $quantity; //work out the line cost
$total = $total + $line_cost; //add to the total cost
echo "<tr>";
//show this information in table cells
echo "<td align=\"center\">$name</td>";
//along with a 'remove' link next to the quantity - which links to this page, but with an action of remove, and the id of the current product
echo "<td align=\"center\">$quantity <a href=\"$_SERVER[PHP_SELF]?action=remove&id=$product_id\">X</a></td>";
echo "<td align=\"center\">$line_cost</td>";
echo "</tr>";
}
}
//show the total
echo "<tr>";
echo "<td colspan=\"2\" align=\"right\">Total</td>";
echo "<td align=\"right\">$total</td>";
echo "</tr>";
//show the empty cart link - which links to this page, but with an action of empty. A simple bit of javascript in the onlick event of the link asks the user for confirmation
echo "<tr>";
echo "<td colspan=\"3\" align=\"right\"><a href=\"$_SERVER[PHP_SELF]?action=empty\" onclick=\"return confirm('Are you sure?');\">Empty Cart</a></td>";
echo "</tr>";
echo "</table>";
}else{
//otherwise tell the user they have no items in their cart
echo "You have no items in your shopping cart.";
}
//function to check if a product exists
function productExists($product_id) {
//use sprintf to make sure that $product_id is inserted into the query as a number - to prevent SQL injection
$sql = sprintf("SELECT * FROM php_shop_products WHERE id = %d;",
$product_id);
return mysql_num_rows(mysql_query($sql)) > 0;
}
?>
<a href="products.php">Continue Shopping</a>
<?php
/*
products table:
CREATE TABLE `products` (
`id` INT NOT NULL AUTO_INCREMENT ,
`name` VARCHAR( 255 ) NOT NULL ,
`description` TEXT,
`price` DOUBLE DEFAULT '0.00' NOT NULL ,
PRIMARY KEY ( `id` )
);
*/
?>
</body>
</html>
products.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="description" content="PHP Shopping Cart Using Sessions" />
<meta name="keywords" content="shopping cart tutorial, shopping cart, php, sessions" />
<link rel="stylesheet" media="all" href="/style/style.css" type="text/css" />
<title>Products</title>
<?php
//connect to your database here
//connect to your database here
$sql = 'SELECT * FROM books ORDER BY id';
$output[] = '<ul>';
$output[] = '<li>"'.$row['title'].'" by '.$row['author'].': £'.$row['price'].'<br /><a href="cart.php?action=add&id='.$row['id'].'">Add to cart</a></li>';
//connect mysql
mysql_connect($server, $user, $pass) or die ("Sorry, can't conect to mysql.");
//select db
mysql_select_db($db) or die ("Sorry cant select the db.");
?>
</head>
<body>
<table border="1">
<?php
$sql = "SELECT id, name, description, price FROM php_shop_products;";
$result = mysql_query($sql);
while(list($id, $name, $description, $price) = mysql_fetch_row($result)) {
echo "<tr>";
echo "<td>$name</td>";
echo "<td>$description</td>";
echo "<td>$price</td>";
echo "<td><a href=\"cart.php?action=add&id=$id\">Add To Cart</a></td>";
echo "</tr>";
}
?>
</table>
<a href="cart.php">View Cart</a>
</body>
</html>
Hi, I cant connect to my Mysql database. I get this problem: Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'esolarch_databas'@'localhost' (using password: YES) in /home7/esolarch/public_html/new/storescripts/connect_to_mysql.php on line 21 could not connect to mysql Code: [Select] <?php /* 1: "die()" will exit the script and show an error statement if something goes wrong with the "connect" or "select" functions. 2: A "mysql_connect()" error usually means your username/password are wrong 3: A "mysql_select_db()" error usually means the database does not exist. */ // Place db host name. Sometimes "localhost" but // sometimes looks like this: >> ???mysql??.someserver.net $db_host = "localhost"; // Place the username for the MySQL database here $db_username = "esolarch_database"; // Place the password for the MySQL database here $db_pass = "Password"; // Place the name for the MySQL database here $db_name = "esolarch_admin2"; // Run the actual connection here mysql_connect("$db_host","$db_username","$db_pass") or die ("could not connect to mysql"); mysql_select_db("$db_name") or die ("no database"); ?> Hello, I've been having trouble connecting to a MySQL database, I can't find the problem in the code, what am I doing wrong? Getting the database file in the config file : require_once("db_connect.php"); db_connect.php : <?php $db = mysql_connect('83.172.155.14:3306', 'username', 'password') or die(mysql_error()); mysql_select_db('databasename', $db) or die(mysql_error()); ?> I need to connect to a PhpMyAdmin database. I need this fixed asap since I'm doing this for someone and he wants the site done as quickly as possible. P.S: The database used to work in php4 and now I need it to work on php5 Thanks in advance, I know the regular database connection, but this time i am provided with the SSH details. This guy game me the IP address of the database server to connect and 2 login details. SSH: Username and Password DB: Username and Password And i am using XAMPP for trying out the code. Is there any plugin i need to download for SSH connections? Could you please give me the connection snippet for SSH because i don't really know how to do that, i am also searching elsewhere on internet. Thanks in advance for help... Here is my code in admin_common.php. This is a website I had over at yahoo that I moved to Godaddy. define("EZSQL_DB_USER", "larryadmin"); // <-- mysql db user define("EZSQL_DB_PASSWORD", "mypassword"); // <-- mysql db password define("EZSQL_DB_NAME", "larryadmin"); // <-- mysql db pname define("EZSQL_DB_HOST", "mysql"); // <-- mysql server host I keep getting this error SQL/DB Error -- [ Error establishing a database connection! Are you sure you have the correct user/password? Are you sure that you have typed the correct hostname? Are you sure that the database server is running? ] SQL/DB Error -- [ Error selecting database larryadmin! Are you sure it exists? Are you sure there is a valid database connection? ] Please help thanks. Hello I am creating a simple Discussion Forum, and I cant get past my IF Statement to verify topics exist? Please help? <?php //check for required info from the query string if (!$_GET[topic_id]) { header("Location: topiclist.php"); exit; } //connect to server and select database $link = mysql_connect('votpservicescom.ipagemysql.com', 'mantest', 'testman') or die(mysql_error()); mysql_select_db("learn2db",$link) or die(mysql_error()); Hi, When i am trying to run one script on my web server, i get following error Cannot connect to the database using the info you provided Access denied for user 'My_Username'@'localhost' (using password: NO) I filled all info like Host(localhost) Database name(created in cpanel) Username(created in cpanel) Password(i kept blank dont know where to find this) You help will highly appreciate Thanks, Ravindra Hey... I was going through this sample that was given in the class, but got confused at the first point "//change this to include your own database connect script. include "../../dbconnect.php";" and the database connection code is "<?php if ($_POST['submit']) { // connect to your database $connection = pg_connect("port=5432 dbname=rr_ds user=nobody"); if (!$connection) { die("Connection has failed: " . pg_last_error()); }?> " the database connection code is from a previous assignment which i did, but that was for a login page. The current assignment is to connect to the database and have data on it. hello there.. i have a problem with my php coding where i want to keep date choose by user in the database. this is the drop down date Code: [Select] <select name="Date_Day"> <option> - Day - </option> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> <option value="4">4</option> <option value="5">5</option> <option value="6">6</option> <option value="7">7</option> <option value="8">8</option> <option value="9">9</option> <option value="10">10</option> <option value="11">11</option> <option value="12">12</option> <option value="13">13</option> <option value="14">14</option> <option value="15">15</option> <option value="16">16</option> <option value="17">17</option> <option value="18">18</option> <option value="19">19</option> <option value="20">20</option> <option value="21">21</option> <option value="22">22</option> <option value="23">23</option> <option value="24">24</option> <option value="25">25</option> <option value="26">26</option> <option value="27">27</option> <option value="28">28</option> <option value="29">29</option> <option value="30">30</option> <option value="31">31</option> </select> <select name="Date_Month"> <option> - Month - </option> <option value="01">January</option> <option value="02">Febuary</option> <option value="03">March</option> <option value="04">April</option> <option value="05">May</option> <option value="06">June</option> <option value="07">July</option> <option value="08">August</option> <option value="09">September</option> <option value="10">October</option> <option value="11">November</option> <option value="12">December</option> </select> <select name="Date_Year"> <option> - Year - </option> <option value="2010">2010</option> <option value="2011">2011</option> <option value="2012">2012</option> <option value="2013">2013</option> <option value="2014">2014</option> <option value="2015">2015</option> <option value="2016">2016</option> <option value="2017">2017</option> <option value="2018">2018</option> <option value="2019">2019</option> <option value="2020">2020</option> <option value="2021">2021</option> <option value="2022">2022</option> <option value="2023">2023</option> <option value="2024">2024</option> <option value="2025">2025</option> <option value="2026">2026</option> </select> the code to connect to the database Code: [Select] $date_year= ($_POST['Date_Year']); $date_month=($_POST['Date_Month']); $date_day=($_POST['Date_Day']); $date=$date_year."-".$date_month."-".$date_day; $query="INSERT INTO aduan (date) VALUES ('date($date)')"; $result=mysql_query($query); if($result){ echo 'Registration success.'; ?><script>window.location ='thanks.php'</script> <?php } else echo 'Registration failed';} when enter a value of date, the database will just show '0000-00-00'.. really hope for your help.. Hi there, I have this connect script I have made. I was wondering if it's secure or not, if not... What would be a good way to do so... Code: [Select] <?php class connect{ public $host = "localhost"; public $dbuser = ""; public $dbpass = ""; public $db = ""; } $connect = new connect(); mysql_connect($connect->host,$connect->dbuser,$connect->dbpass) or die("Could not connect!"); mysql_select_db($connect->db); ?> Hello- I want to create is fairly simple client login. Basically we have an area in our server, a directory really, filled with pw protected directories which house client project sites, basically viewing rooms for graphics and video we post. we have a few sites up and working, but instead of giving our clients a link and a password (which is kinda sloppy) it would be ideal to have them go to a single index page and login from there. I see the client entering a name and password and the script would match it to the directory and they would be taken to their designated client area. Another way would be to select their directory from a drop down and then enter the user and password, though then clients will be able to see other clients names, which would be less than ideal for disclosure reasons. I hope this makes sense. I am not new to html css, but have only a bit of experience with php, so any help would be greatly appreciated. thanks Matt Hi, I am making a dating site where I have made the user profile edit page visible to the user when they log in, and I think I can get away with not showing the user their "public" profile view. But I definitely need to show other users on the site the "public" non editing profile page view. But I don't know how to do this. I have yet to create the search, search results, thumbnails with optional descriptions of the possible dating results. But I first want to just get 2 versions of the user profile page view. One that the user sees that I have already done. (The editable one). And the other I need to make which is the page the other users will see, (The public profile) Please if anyone has any idea how to do this I would greatly appreciate it, especially if you have any pseudocode ideas. thank you. Okay guys I have finished my db and I want to upload it to a live server but don't know exactly what to change in the code to get the ODBC_connect to open the path at the new server location please help. my database is located in a subfolder called Databases i.e. "www.mydomain.com/Databases/myEvents.mdb" what do i change in the connection string below to get it to open the file on the live server? Thanks in advance. $conn = odbc_connect('myEvents','',''); This topic has been moved to Microsoft SQL - MSSQL. http://www.phpfreaks.com/forums/index.php?topic=319147.0 I have a standard form that displays users current data from a mysql database once logged in(code obtained from the internet). Users can then edit their data then submit it to page called editform.php that does the update. All works well except that the page does not display the updated info. Users have to first logout and login again to see the updated info. even refreshing the page does not show the new info. Please tell me where the problem is as i am new to php.
my form page test.php
<?PHP
require_once("./include/membersite_config.php");
if(!$fgmembersite->CheckLogin())
{
$fgmembersite->RedirectToURL("login.php");
exit;
}
?>
<form action="editform.php?id_user=<?= $fgmembersite->UserId() ?>" method="POST">
<input type="hidden" name="id_user" value="<?= $fgmembersite->UserId() ?>"><br>
Name:<br> <input type="text" name="name" size="40" value="<?= $fgmembersite->UserFullName() ?>"><br><br>
Email:<br> <input type="text" name="email" size="40" value="<?= $fgmembersite->UserEmail() ?> "><br><br>
Address:<br> <input type="text" name="address" size="40" value="<?= $fgmembersite->UserAddress() ?> "><br><br>
<button>Submit</button>
my editform.php
<?php
$con = mysqli_connect("localhost","root","user","pass");
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
mysqli_query($con,"UPDATE fgusers3 SET name = '".$_POST['name']."', email= '".$_POST['email']."', address= '".$_POST['address']."' WHERE id_user='".$_POST['id_user']."'");
header("Location: test.php");
?>
Hi i created a website where you cam view ip webcams via php. I want to make it so people can make the camera private and public. I made two fields in mysql called "Username" and "Puborprivate" I tried to make the "Puborprivate" have two numbers "0" would be private and "1" would be public. How could I do this? My site is cwuforum.com/live/ |
|||||||