Menu
Community /Pin to ProfileBookmark
@NogDogNov 07.2017 — #You can help us help you by actually testing it and letting us know what errors you get. To that end, for now it may be beneficial to make sure each main PHP script starts with the following:
This should ensure you have some (hopefully) useful error messages to share with us wherever things break.@NogDogNov 10.2017 — #If you just want to die() when you don't connect like that, then the "or... needs to be part of the connection attempt:
@NogDogNov 14.2017 — #
I just edited it to obfuscate the DB credentials.@NogDogNov 14.2017 — #
Along those lines, suppressing errors with the @ operator can be counter-productive to debugging production issues. Better would be to ensure that errors are not displayed in that environment with the 'display_erros' setting set to false:
@NogDogNov 14.2017 — #Basically, anything that you think could possibly fail -- or would be a show-stopper if it ever did fail -- you can check the return value and react accordingly. So...
@NogDogNov 15.2017 — #
Or just [B][FONT=Courier New]tail -f /path/to/php_errors.log[/FONT][/B] in a terminal window, if you know where the log file is. ¯_ (ツ?_/¯
@benanamenNov 19.2017 — #Welcome back forum coder, AKA Unique Idea Man, AKA UIman, and now AKA visiter52. You just keep going around to all the forums calling people an a-hole and you will be reported on every single one of them. You have already been banned from codingforums and earned a bad reputation under your many other usernames. Dont think coming here under yet another name is going to hide who you are.
You just keep posting on all the forums calling me an a-hole. Your bad reputation already precedes you which is why you are up to your what, 5th username now?
[B][COLOR="#FF0000"]CONSIDER YOURSELF REPORTED YET AGAIN[/COLOR] [/B]@benanamenNov 19.2017 — #It doesn't take any "research" at all. When the EXACT posts are made with several different usernames you would have to be an idiot to not know its the same person. When the OP admits it because he is called out by OTHER people, well, that speaks for itself. When a mod that has banned the OP posts that the multiple usernames are posting from the exact same IP, well, that also speaks for itself. But thanks for playing anyways.
When you read all the posts that OTHER users and mods have posted about this OP, you will understand why he is now on his 5th or so username.
Please correct mistakes in code (converting MySQL functions into MySQLi ones)
This thread continues from the closed thread “I Need help with converting mysql_ …” I was going to post the following codes but the thread was closed. I’ve been trying to replace all mysql functions with mysqli ones in an old script which generates pages with reviews from users.
First, I changed code in my functions.php file to establish connection to a database.
Initial code:
[code=php]
<?php
$NumReviews = 8;
$db_name = “xxxxxxxxxxxxxxxxx”;
$connection = @mysql_connect(“xxxxxxxxx”, “xxxxxxxxxxxx”, “xxxxxxxxxxxx”)
or die(“Couldn’t connect.”);
$db = @mysql_select_db($db_name, $connection)
or die(“Couldn’t select database.”);
function db_errno($args=array()) {
return @mysql_errno();
}
function db_error($args=array()) {
return @mysql_error();
}
?>
Modified code:
[code=php]
<?php
class DB
{
static $link;
static $dbname;
public static function connect()
{
if(empty(self::$link))
{
$dbhost = ‘xxxxxxxxx’;
$dbuser = ‘xxxxxxxx’;
$dbpassword = ‘xxxxxxxxxxxxx’;
$dbname = ‘xxxxxxxxxxxx’;
self::$link = @mysqli_connect($dbhost,$dbuser,$dbpassword,$dbname);
self::$dbname=$dbname;
mysqli_set_charset(self::$link, ‘utf8’);
or die(“Couldn’t connect.”);
}
}
}
DB::connect();
?>
Then, I converted mysql functions in admin_menu.php
Initial code:
[code=php]
<?php
//if a session does not yet exist for this user, start one
session_start();
//if there is no username or password entered and the user has not already been validated, send user back to login page.
if ((empty($_POST[“admin_username”]) || empty($_POST[“admin_passtext”])) && empty($_SESSION[‘valid_user’]))
{
Header(“Location: index.php”);
}
include (“../body_edit.php”);
include (“../config.php”);
include (“../functions.php”);
//make sure user has been logged in.
if (empty($_SESSION[‘valid_user’]))
{
// User not logged in, check database
//Check to see that the username and Password entered have admin access.
$sqlaccess = “SELECT username, passtext
FROM admin
WHERE username='” . mysql_escape_string($_POST[‘admin_username’]) . “‘
AND passtext = ‘” . mysql_escape_string($_POST[‘admin_passtext’]) . “‘
LIMIT 1
“;
$resultaccess = mysql_query($sqlaccess)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$numaccess = mysql_numrows($resultaccess);
if ($numaccess == 0) {
BodyHeader(“Access Not Allowed!”);
?>
<P>To access the Administration area you need to have approved access. The username and Password (<?php echo “$admin_username and $admin_passtext”; ?>) you entered are not approved!<br>
<a href=”index.php”>Please try again</a>
<?php
BodyFooter();
exit;
}// if numaccess
//if the user/pass were valid create a session for the user.
$_SESSION[‘admin_passtext’] = $_POST[‘admin_passtext’];
$_SESSION[‘admin_username’] = $_POST[‘admin_username’];
//since user has been verified, set a session for checking on admin pages.
$_SESSION[‘valid_user’] = $_POST[‘admin_username’];
//set cookie so admin can save login info if logout link is not clicked.
if (empty($_COOKIE[‘admin_username’]) && empty($_COOKIE[‘admin_passtext’])) {
setcookie(“admin_username”, $_POST[‘admin_username’], time() + 31536000, “/”);
setcookie(“admin_passtext”, $_POST[‘admin_passtext’], time() + 31536000, “/”);
}//if cookie
}//if session
BodyHeader(“$sitename Administration Menu”);
//Get the number of reviews that are not approved.
$result = mysql_query(“SELECT COUNT(*) as total FROM review WHERE approve=’n’
AND
review_item_id != ‘0’”)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$rows = mysql_fetch_array($result);
$total = $rows[“total”];
//Get the total number of reviews that are approved.
$result = mysql_query(“SELECT COUNT(*) as totaly FROM review WHERE approve=’y'”)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$rows = mysql_fetch_array($result);
$totaly = $rows[“totaly”];
//Get the total number of user submitted items that need to be approved.
$result = mysql_query(“SELECT COUNT(*) as totalitemuser FROM review_items_user”)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$rows = mysql_fetch_array($result);
$totalitemuser = $rows[“totalitemuser”];
?>
//some code here….
<?php
BodyFooter();
exit;
?>
Modified code:
[code=php]
<?php
//if a session does not yet exist for this user, start one
session_start();
//if there is no username or password entered and the user has not already been validated, send user back to login page.
if ((empty($_POST[“admin_username”]) || empty($_POST[“admin_passtext”])) && empty($_SESSION[‘valid_user’]))
{
Header(“Location: index.php”);
}
include (“../body_edit.php”);
include (“../config.php”);
include (“../functions.php”);
//make sure user has been logged in.
if (empty($_SESSION[‘valid_user’]))
{
// User not logged in, check database
//Check to see that the username and Password entered have admin access.
$sqlaccess = “SELECT username, passtext
FROM admin
WHERE username='” . mysqli_real_escape_string($_POST[‘admin_username’]) . “‘
AND passtext = ‘” . mysqli_real_escape_string($_POST[‘admin_passtext’]) . “‘
LIMIT 1
“;
$resultaccess = mysqli_query(db::$link,$sqlaccess)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$numaccess = mysqli_numrows($resultaccess);
if ($numaccess == 0) {
BodyHeader(“Access Not Allowed!”);
?>
//some code here…
<P>To access the Administration area you need to have approved access. The username and Password (<?php echo “$admin_username and $admin_passtext”; ?>) you entered are not approved!<br>
<a href=”index.php”>Please try again</a>
<?php
BodyFooter();
exit;
}
// if numaccess
//if the user/pass were valid create a session for the user.
$_SESSION[‘admin_passtext’] = $_POST[‘admin_passtext’];
$_SESSION[‘admin_username’] = $_POST[‘admin_username’];
//since user has been verified, set a session for checking on admin pages.
$_SESSION[‘valid_user’] = $_POST[‘admin_username’];
//set cookie so admin can save login info if logout link is not clicked.
if (empty($_COOKIE[‘admin_username’]) && empty($_COOKIE[‘admin_passtext’])) {
setcookie(“admin_username”, $_POST[‘admin_username’], time() + 31536000, “/”);
setcookie(“admin_passtext”, $_POST[‘admin_passtext’], time() + 31536000, “/”);
}//if cookie
}//if session
BodyHeader(“$sitename Administration Menu”);
//Get the number of reviews that are not approved.
$result = mysqli_query(db::$link,”SELECT COUNT(*) as total FROM review WHERE approve=’n’
AND
review_item_id != ‘0’”)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$rows = mysqli_fetch_array($result);
$total = $rows[“total”];
//Get the total number of reviews that are approved.
$result = mysqli_query(db::$link,”SELECT COUNT(*) as totaly FROM review WHERE approve=’y'”)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$rows = mysqli_fetch_array($result);
$totaly = $rows[“totaly”];
//Get the total number of user submitted items that need to be approved.
$result = mysqli_query(db::$link,”SELECT COUNT(*) as totalitemuser FROM review_items_user”)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$rows = mysqli_fetch_array($result);
$totalitemuser = $rows[“totalitemuser”];
?>
//some code here…
<?php
BodyFooter();
exit;
?>
Could you please correct any mistake you see in these code snippets? I don’t consider myself knowledgeable in php so your explanations will be appreciated! Thank you!
Sign in
to post a comment17 Comments(s) ↴
0
@NogDogNov 07.2017 — #You can help us help you by actually testing it and letting us know what errors you get. To that end, for now it may be beneficial to make sure each main PHP script starts with the following:[code=php]
<?php
error_reporting(E_ALL);
ini_set('display_errors', true); // set to false in production
[/code]This should ensure you have some (hopefully) useful error messages to share with us wherever things break.
0
@NogDogNov 10.2017 — #If you just want to die() when you don't connect like that, then the "or... needs to be part of the connection attempt:[code=php]
<?php
class DB
{
static $link;
static $dbname;
public static function connect()
{
if(empty(self::$link))
{
$dbhost = 'xxxxxxxxx';
$dbuser = 'xxxxxxxx';
$dbpassword = 'xxxxxxxxxxxxx';
$dbname = 'xxxxxxxxxxxx';
self::$link = @mysqli_connect($dbhost,$dbuser,$dbpassword,$dbname)
or die("Couldn't connect.");
self::$dbname=$dbname;
mysqli_set_charset(self::$link, 'utf8');
}
}
}
DB::connect();
// there's no need for a closing php tag in this case, so it's often better to leave it out
[/code]0
@NogDogNov 14.2017 — #Moderator, please delete my last post as I accidentally posted info which I shouldn't post.[/QUOTE]
I just edited it to obfuscate the DB credentials.
0
@NogDogNov 14.2017 — #NodDog, I'm wondering if I could go without "or die("Couldn't connect.")"? Or should I insert another line such as "or die("Couldn't select database.")" which is present in my initial code of functions.php file here (not to refer you back to the thread's top):
[code=php]<?
//Choose how many reviews per page to display
$NumReviews = 8;
//Set the name of the Table, Database, Username and Password for Mysql.
$db_name = "*****";
$connection = @mysql_connect("*****", "*****", "*****")
or die("Couldn't connect.");
$db = @mysql_select_db($db_name, $connection)
or die("Couldn't select database.");
function db_errno($args=array()) {
return @mysql_errno();
}
function db_error($args=array()) {
return @mysql_error();
}
?>[/code]
In other words, should my new code be similar to the initial code except MySQL interface or can I exclude those lines along with mysql_errno and mysql_error? I would like to have my code similar to the initial, but is it necessary?[/QUOTE]
or die('some message')Along those lines, suppressing errors with the @ operator can be counter-productive to debugging production issues. Better would be to ensure that errors are not displayed in that environment with the 'display_erros' setting set to false:
[code=php]
<?php
ini_set('display_errors', false);
error_reporting(E_ALL); // all warnings/errors will be in PHP error log
[/code]0
@NogDogNov 14.2017 — #Basically, anything that you think could possibly fail -- or would be a show-stopper if it ever did fail -- you can check the return value and react accordingly. So...[code=php]
self::$link = mysqli_connect($dbhost,$dbuser,$dbpassword,$dbname);
if(self::$link == false) {
error_log("DB connection failed:".PHP_EOL.mysqli_connect_error());
// output whatever user-friendly message you want, then exit.
// or whatever else you want to do: maybe a generic error function?
exit;
}
[/code]0
@NogDogNov 15.2017 — #And - while you are doing your development - you should set this to true so that you can SEE the errors instead of having to go view the log every time:
[/QUOTE]<i>
</i>ini_set('display_errors', true); // turn on errors while development
Or just [B][FONT=Courier New]tail -f /path/to/php_errors.log[/FONT][/B] in a terminal window, if you know where the log file is. ¯
0
@benanamenNov 19.2017 — #Welcome back forum coder, AKA Unique Idea Man, AKA UIman, and now AKA visiter52. You just keep going around to all the forums calling people an a-hole and you will be reported on every single one of them. You have already been banned from codingforums and earned a bad reputation under your many other usernames. Dont think coming here under yet another name is going to hide who you are.You just keep posting on all the forums calling me an a-hole. Your bad reputation already precedes you which is why you are up to your what, 5th username now?
[B]
0
@benanamenNov 19.2017 — #When you read all the posts that OTHER users and mods have posted about this OP, you will understand why he is now on his 5th or so username.