Mysql database connection

Hey Koders,
I have an problem. I have made an app ( Although not completed yet) to submit images/websites to my mysql database server. But even after submission of my form through my app.
Aia : ElectroSearch.aia - Google Drive
Please help me out…
Thanks

Ideally, you should describe what you want to do and what is going on.
You must also post (here) your relevant blocks and your PHP script.

I think this post can help you

The error image-


The php code I used-

<?php /* * Written By: ElectroMobileIntell * Date: 26/08/2021 * Contact: [email protected] * * UPDATE 26/08/2021 * The code now returns a real error message on a bad query with the mysql error number and its error message * checks for magic_quotes being enabled and strips slashes if it is. Its best to disable magic quotes still. * Checks to make sure the submitted form is a x-www-form-urlencode just so people dont screw with a browser access or atleast try to * Forces the output filename to be JSON to conform with standards * * UPDATE 26/08/2021 * Code updated to use the Web Module instead of tinywebdb * * UPDATE 2013/12/26 and 2014/02/18 * minor modifications by Us * * UPDATE 26/08/2021 * mysql Api Replacement * * UPDATE 26/08/2021 * SELECT logic adjusted (result stored in temp. file removed) * * UPDATE 26/08/2021 * Bugfix Undefined variable: csv */ /************************************CONFIG****************************************/ //DATABSE DETAILS// $DB_ADDRESS="localhost"; $DB_USER="Here I placed the DB User"; $DB_PASS="Here I placed my DB Password"; $DB_NAME="Here I placed my DB Name"; //SETTINGS// //This code is something you set in the APP so random people cant use it. $SQLKEY="Here I placed my DB Password"; /************************************CONFIG****************************************/ //these are just in case setting headers forcing it to always expire header('Cache-Control: no-cache, must-revalidate'); error_log(print_r($_POST,TRUE)); if( isset($_POST['query']) && isset($_POST['key']) ){ //checks if the tag post is there and if its been a proper form post //set content type to CSV (to be set here to be able to access this page also with a browser) header('Content-type: text/csv'); if($_POST['key']==$SQLKEY){ //validates the SQL key $query=urldecode($_POST['query']); if(get_magic_quotes_gpc()){ //check if the worthless pile of p magic quotes is enabled and if it is, strip the slashes from the query $query=stripslashes($query); } $conn = new mysqli($DB_ADDRESS,$DB_USER,$DB_PASS,$DB_NAME); //connect if($conn->connect_error){ //checks connection header("HTTP/1.0 400 Bad Request"); echo "ERROR Database Connection Failed: " . $conn->connect_error, E_USER_ERROR; //reports a DB connection failure } else { $result=$conn->query($query); //runs the posted query if($result === false){ header("HTTP/1.0 400 Bad Request"); //sends back a bad request error echo "Wrong SQL: " . $query . " Error: " . $conn->error, E_USER_ERROR; //errors if the query is bad and spits the error back to the client } else { if (strlen(stristr($query,"SELECT"))>0) { //tests if it's a SELECT statement $csv = ''; // bug fix Undefined variable: csv while ($fieldinfo = $result->fetch_field()) { $csv .= $fieldinfo->name.","; } $csv = rtrim($csv, ",")."\n"; echo $csv; //prints header row $csv = ''; $result->data_seek(0); while($row = $result->fetch_assoc()){ foreach ($row as $key => $value) { $csv .= $value.","; } $csv = rtrim($csv, ",")."\n"; } echo $csv; //prints all data rows } else { header("HTTP/1.0 201 Rows"); echo "AFFECTED ROWS: " . $conn->affected_rows; //if the query is anything but a SELECT, it will return the number of affected rows } } $conn->close(); //closes the DB } } else { header("HTTP/1.0 400 Bad Request"); echo "Bad Request"; //reports if the secret key was bad } } else { header("HTTP/1.0 400 Bad Request"); echo "Bad Request"; } ?><?php

/*

  • Written By: ElectroMobileIntell
  • Date: 26/08/2021
  • Contact: [email protected]
  • UPDATE 26/08/2021
  • The code now returns a real error message on a bad query with the mysql error number and its error message
  • checks for magic_quotes being enabled and strips slashes if it is. Its best to disable magic quotes still.
  • Checks to make sure the submitted form is a x-www-form-urlencode just so people dont screw with a browser access or atleast try to
  • Forces the output filename to be JSON to conform with standards
  • UPDATE 26/08/2021
  • Code updated to use the Web Module instead of tinywebdb
  • UPDATE 2013/12/26 and 2014/02/18
  • minor modifications by Us
  • UPDATE 26/08/2021
  • mysql Api Replacement
  • UPDATE 26/08/2021
  • SELECT logic adjusted (result stored in temp. file removed)
  • UPDATE 26/08/2021
  • Bugfix Undefined variable: csv
    */

/CONFIG****/
//DATABSE DETAILS//
$DB_ADDRESS=“localhost”;
$DB_USER=“Here I placed the DB User”;
$DB_PASS=“Here I placed my DB Password”;
$DB_NAME=“Here I placed my DB Name”;

//SETTINGS//
//This code is something you set in the APP so random people cant use it.
$SQLKEY=“Here I placed my DB Password”;

/CONFIG****/

//these are just in case setting headers forcing it to always expire
header(‘Cache-Control: no-cache, must-revalidate’);

error_log(print_r($_POST,TRUE));

if( isset($_POST[‘query’]) && isset($_POST[‘key’]) ){ //checks if the tag post is there and if its been a proper form post
//set content type to CSV (to be set here to be able to access this page also with a browser)
header(‘Content-type: text/csv’);

if($_POST[‘key’]==$SQLKEY){ //validates the SQL key
$query=urldecode($_POST[‘query’]);
if(get_magic_quotes_gpc()){ //check if the worthless pile of p magic quotes is enabled and if it is, strip the slashes from the query
$query=stripslashes($query);
}
$conn = new mysqli($DB_ADDRESS,$DB_USER,$DB_PASS,$DB_NAME); //connect

if($conn->connect_error){                                                           //checks connection
  header("HTTP/1.0 400 Bad Request");
  echo "ERROR Database Connection Failed: " . $conn->connect_error, E_USER_ERROR;   //reports a DB connection failure
} else {
  $result=$conn->query($query);                                                     //runs the posted query
  if($result === false){
    header("HTTP/1.0 400 Bad Request");                                             //sends back a bad request error
    echo "Wrong SQL: " . $query . " Error: " . $conn->error, E_USER_ERROR;          //errors if the query is bad and spits the error back to the client
  } else {
    if (strlen(stristr($query,"SELECT"))>0) {                                       //tests if it's a SELECT statement
      $csv = '';                                                                    // bug fix Undefined variable: csv
      while ($fieldinfo = $result->fetch_field()) {
        $csv .= $fieldinfo->name.",";
      }
      $csv = rtrim($csv, ",")."\n";
      echo $csv;                                                                    //prints header row
      $csv = '';

      $result->data_seek(0);
      while($row = $result->fetch_assoc()){
        foreach ($row as $key => $value) {
          $csv .= $value.",";
        }
        $csv = rtrim($csv, ",")."\n";
      }
      echo $csv;                                                                    //prints all data rows
    } else {
      header("HTTP/1.0 201 Rows");
      echo "AFFECTED ROWS: " . $conn->affected_rows;       //if the query is anything but a SELECT, it will return the number of affected rows
    }
  }
  $conn->close();                                          //closes the DB
}

} else {
header(“HTTP/1.0 400 Bad Request”);
echo “Bad Request”; //reports if the secret key was bad
}
} else {
header(“HTTP/1.0 400 Bad Request”);
echo “Bad Request”;
}
?>
I have just replaced the db user, password and name with what I have written

Sorry, I want to say,
That the code is-

<?php /* * Written By: ElectroMobileIntell * Date: 26/08/2021 * Contact: [email protected] * * UPDATE 26/08/2021 * The code now returns a real error message on a bad query with the mysql error number and its error message * checks for magic_quotes being enabled and strips slashes if it is. Its best to disable magic quotes still. * Checks to make sure the submitted form is a x-www-form-urlencode just so people dont screw with a browser access or atleast try to * Forces the output filename to be JSON to conform with standards * * UPDATE 26/08/2021 * Code updated to use the Web Module instead of tinywebdb * * UPDATE 2013/12/26 and 2014/02/18 * minor modifications by Us * * UPDATE 26/08/2021 * mysql Api Replacement * * UPDATE 26/08/2021 * SELECT logic adjusted (result stored in temp. file removed) * * UPDATE 26/08/2021 * Bugfix Undefined variable: csv */ /************************************CONFIG****************************************/ //DATABSE DETAILS// $DB_ADDRESS="localhost"; $DB_USER="Here I placed the DB User"; $DB_PASS="Here I placed my DB Password"; $DB_NAME="Here I placed my DB Name"; //SETTINGS// //This code is something you set in the APP so random people cant use it. $SQLKEY="Here I placed my DB Password"; /************************************CONFIG****************************************/ //these are just in case setting headers forcing it to always expire header('Cache-Control: no-cache, must-revalidate'); error_log(print_r($_POST,TRUE)); if( isset($_POST['query']) && isset($_POST['key']) ){ //checks if the tag post is there and if its been a proper form post //set content type to CSV (to be set here to be able to access this page also with a browser) header('Content-type: text/csv'); if($_POST['key']==$SQLKEY){ //validates the SQL key $query=urldecode($_POST['query']); if(get_magic_quotes_gpc()){ //check if the worthless pile of p magic quotes is enabled and if it is, strip the slashes from the query $query=stripslashes($query); } $conn = new mysqli($DB_ADDRESS,$DB_USER,$DB_PASS,$DB_NAME); //connect if($conn->connect_error){ //checks connection header("HTTP/1.0 400 Bad Request"); echo "ERROR Database Connection Failed: " . $conn->connect_error, E_USER_ERROR; //reports a DB connection failure } else { $result=$conn->query($query); //runs the posted query if($result === false){ header("HTTP/1.0 400 Bad Request"); //sends back a bad request error echo "Wrong SQL: " . $query . " Error: " . $conn->error, E_USER_ERROR; //errors if the query is bad and spits the error back to the client } else { if (strlen(stristr($query,"SELECT"))>0) { //tests if it's a SELECT statement $csv = ''; // bug fix Undefined variable: csv while ($fieldinfo = $result->fetch_field()) { $csv .= $fieldinfo->name.","; } $csv = rtrim($csv, ",")."\n"; echo $csv; //prints header row $csv = ''; $result->data_seek(0); while($row = $result->fetch_assoc()){ foreach ($row as $key => $value) { $csv .= $value.","; } $csv = rtrim($csv, ",")."\n"; } echo $csv; //prints all data rows } else { header("HTTP/1.0 201 Rows"); echo "AFFECTED ROWS: " . $conn->affected_rows; //if the query is anything but a SELECT, it will return the number of affected rows } } $conn->close(); //closes the DB } } else { header("HTTP/1.0 400 Bad Request"); echo "Bad Request"; //reports if the secret key was bad } } else { header("HTTP/1.0 400 Bad Request"); echo "Bad Request"; } ?>

Let me see that. I will reply soon

You are using an extension by Deephost. We do not allow questions about extensions from Deephost since he doesn’t support them. We strongly advise you not to use them. I unlist and close this.

1 Like