Mysql database connection

Moushampatra26891 · August 30, 2021, 11:26am

Hey Koders,
I have an problem. I have made an app ( Although not completed yet) to submit images/websites to my mysql database server. But even after submission of my form through my app.
Aia : ElectroSearch.aia - Google Drive
Please help me out…
Thanks

Rogerio_Rios · August 30, 2021, 12:04pm

Ideally, you should describe what you want to do and what is going on.
You must also post (here) your relevant blocks and your PHP script.

Avijit · August 31, 2021, 5:35am

I think this post can help you

Moushampatra26891 · August 31, 2021, 5:39am

The error image-

The php code I used-

<?php /* * Written By: ElectroMobileIntell * Date: 26/08/2021 * Contact: [email protected] * * UPDATE 26/08/2021 * The code now returns a real error message on a bad query with the mysql error number and its error message * checks for magic_quotes being enabled and strips slashes if it is. Its best to disable magic quotes still. * Checks to make sure the submitted form is a x-www-form-urlencode just so people dont screw with a browser access or atleast try to * Forces the output filename to be JSON to conform with standards * * UPDATE 26/08/2021 * Code updated to use the Web Module instead of tinywebdb * * UPDATE 2013/12/26 and 2014/02/18 * minor modifications by Us * * UPDATE 26/08/2021 * mysql Api Replacement * * UPDATE 26/08/2021 * SELECT logic adjusted (result stored in temp. file removed) * * UPDATE 26/08/2021 * Bugfix Undefined variable: csv */ /************************************CONFIG****************************************/ //DATABSE DETAILS// $DB_ADDRESS="localhost"; $DB_USER="Here I placed the DB User"; $DB_PASS="Here I placed my DB Password"; $DB_NAME="Here I placed my DB Name"; //SETTINGS// //This code is something you set in the APP so random people cant use it. $SQLKEY="Here I placed my DB Password"; /************************************CONFIG****************************************/ //these are just in case setting headers forcing it to always expire header('Cache-Control: no-cache, must-revalidate'); error_log(print_r($_POST,TRUE)); if( isset($_POST['query']) && isset($_POST['key']) ){ //checks if the tag post is there and if its been a proper form post //set content type to CSV (to be set here to be able to access this page also with a browser) header('Content-type: text/csv'); if($_POST['key']==$SQLKEY){ //validates the SQL key $query=urldecode($_POST['query']); if(get_magic_quotes_gpc()){ //check if the worthless pile of p magic quotes is enabled and if it is, strip the slashes from the query $query=stripslashes($query); } $conn = new mysqli($DB_ADDRESS,$DB_USER,$DB_PASS,$DB_NAME); //connect if($conn->connect_error){ //checks connection header("HTTP/1.0 400 Bad Request"); echo "ERROR Database Connection Failed: " . $conn->connect_error, E_USER_ERROR; //reports a DB connection failure } else { $result=$conn->query($query); //runs the posted query if($result === false){ header("HTTP/1.0 400 Bad Request"); //sends back a bad request error echo "Wrong SQL: " . $query . " Error: " . $conn->error, E_USER_ERROR; //errors if the query is bad and spits the error back to the client } else { if (strlen(stristr($query,"SELECT"))>0) { //tests if it's a SELECT statement $csv = ''; // bug fix Undefined variable: csv while ($fieldinfo = $result->fetch_field()) { $csv .= $fieldinfo->name.","; } $csv = rtrim($csv, ",")."\n"; echo $csv; //prints header row $csv = ''; $result->data_seek(0); while($row = $result->fetch_assoc()){ foreach ($row as $key => $value) { $csv .= $value.","; } $csv = rtrim($csv, ",")."\n"; } echo $csv; //prints all data rows } else { header("HTTP/1.0 201 Rows"); echo "AFFECTED ROWS: " . $conn->affected_rows; //if the query is anything but a SELECT, it will return the number of affected rows } } $conn->close(); //closes the DB } } else { header("HTTP/1.0 400 Bad Request"); echo "Bad Request"; //reports if the secret key was bad } } else { header("HTTP/1.0 400 Bad Request"); echo "Bad Request"; } ?><?php

/*

Written By: ElectroMobileIntell
Date: 26/08/2021
Contact: [email protected]
UPDATE 26/08/2021
The code now returns a real error message on a bad query with the mysql error number and its error message
checks for magic_quotes being enabled and strips slashes if it is. Its best to disable magic quotes still.
Checks to make sure the submitted form is a x-www-form-urlencode just so people dont screw with a browser access or atleast try to
Forces the output filename to be JSON to conform with standards
UPDATE 26/08/2021
Code updated to use the Web Module instead of tinywebdb
UPDATE 2013/12/26 and 2014/02/18
minor modifications by Us
UPDATE 26/08/2021
mysql Api Replacement
UPDATE 26/08/2021
SELECT logic adjusted (result stored in temp. file removed)
UPDATE 26/08/2021
Bugfix Undefined variable: csv
*/

/CONFIG****/
//DATABSE DETAILS//
$DB_ADDRESS=“localhost”;
$DB_USER=“Here I placed the DB User”;
$DB_PASS=“Here I placed my DB Password”;
$DB_NAME=“Here I placed my DB Name”;

//SETTINGS//
//This code is something you set in the APP so random people cant use it.
$SQLKEY=“Here I placed my DB Password”;

/CONFIG****/

//these are just in case setting headers forcing it to always expire
header(‘Cache-Control: no-cache, must-revalidate’);

error_log(print_r($_POST,TRUE));

if( isset($_POST[‘query’]) && isset($_POST[‘key’]) ){ //checks if the tag post is there and if its been a proper form post
//set content type to CSV (to be set here to be able to access this page also with a browser)
header(‘Content-type: text/csv’);

if($_POST[‘key’]==$SQLKEY){ //validates the SQL key
$query=urldecode($_POST[‘query’]);
if(get_magic_quotes_gpc()){ //check if the worthless pile of p magic quotes is enabled and if it is, strip the slashes from the query
$query=stripslashes($query);
}
$conn = new mysqli($DB_ADDRESS,$DB_USER,$DB_PASS,$DB_NAME); //connect

if($conn->connect_error){                                                           //checks connection
  header("HTTP/1.0 400 Bad Request");
  echo "ERROR Database Connection Failed: " . $conn->connect_error, E_USER_ERROR;   //reports a DB connection failure
} else {
  $result=$conn->query($query);                                                     //runs the posted query
  if($result === false){
    header("HTTP/1.0 400 Bad Request");                                             //sends back a bad request error
    echo "Wrong SQL: " . $query . " Error: " . $conn->error, E_USER_ERROR;          //errors if the query is bad and spits the error back to the client
  } else {
    if (strlen(stristr($query,"SELECT"))>0) {                                       //tests if it's a SELECT statement
      $csv = '';                                                                    // bug fix Undefined variable: csv
      while ($fieldinfo = $result->fetch_field()) {
        $csv .= $fieldinfo->name.",";
      }
      $csv = rtrim($csv, ",")."\n";
      echo $csv;                                                                    //prints header row
      $csv = '';

      $result->data_seek(0);
      while($row = $result->fetch_assoc()){
        foreach ($row as $key => $value) {
          $csv .= $value.",";
        }
        $csv = rtrim($csv, ",")."\n";
      }
      echo $csv;                                                                    //prints all data rows
    } else {
      header("HTTP/1.0 201 Rows");
      echo "AFFECTED ROWS: " . $conn->affected_rows;       //if the query is anything but a SELECT, it will return the number of affected rows
    }
  }
  $conn->close();                                          //closes the DB
}

} else {
header(“HTTP/1.0 400 Bad Request”);
echo “Bad Request”; //reports if the secret key was bad
}
} else {
header(“HTTP/1.0 400 Bad Request”);
echo “Bad Request”;
}
?>
I have just replaced the db user, password and name with what I have written

Moushampatra26891 · August 31, 2021, 5:41am

Sorry, I want to say,
That the code is-

<?php /* * Written By: ElectroMobileIntell * Date: 26/08/2021 * Contact: [email protected] * * UPDATE 26/08/2021 * The code now returns a real error message on a bad query with the mysql error number and its error message * checks for magic_quotes being enabled and strips slashes if it is. Its best to disable magic quotes still. * Checks to make sure the submitted form is a x-www-form-urlencode just so people dont screw with a browser access or atleast try to * Forces the output filename to be JSON to conform with standards * * UPDATE 26/08/2021 * Code updated to use the Web Module instead of tinywebdb * * UPDATE 2013/12/26 and 2014/02/18 * minor modifications by Us * * UPDATE 26/08/2021 * mysql Api Replacement * * UPDATE 26/08/2021 * SELECT logic adjusted (result stored in temp. file removed) * * UPDATE 26/08/2021 * Bugfix Undefined variable: csv */ /************************************CONFIG****************************************/ //DATABSE DETAILS// $DB_ADDRESS="localhost"; $DB_USER="Here I placed the DB User"; $DB_PASS="Here I placed my DB Password"; $DB_NAME="Here I placed my DB Name"; //SETTINGS// //This code is something you set in the APP so random people cant use it. $SQLKEY="Here I placed my DB Password"; /************************************CONFIG****************************************/ //these are just in case setting headers forcing it to always expire header('Cache-Control: no-cache, must-revalidate'); error_log(print_r($_POST,TRUE)); if( isset($_POST['query']) && isset($_POST['key']) ){ //checks if the tag post is there and if its been a proper form post //set content type to CSV (to be set here to be able to access this page also with a browser) header('Content-type: text/csv'); if($_POST['key']==$SQLKEY){ //validates the SQL key $query=urldecode($_POST['query']); if(get_magic_quotes_gpc()){ //check if the worthless pile of p magic quotes is enabled and if it is, strip the slashes from the query $query=stripslashes($query); } $conn = new mysqli($DB_ADDRESS,$DB_USER,$DB_PASS,$DB_NAME); //connect if($conn->connect_error){ //checks connection header("HTTP/1.0 400 Bad Request"); echo "ERROR Database Connection Failed: " . $conn->connect_error, E_USER_ERROR; //reports a DB connection failure } else { $result=$conn->query($query); //runs the posted query if($result === false){ header("HTTP/1.0 400 Bad Request"); //sends back a bad request error echo "Wrong SQL: " . $query . " Error: " . $conn->error, E_USER_ERROR; //errors if the query is bad and spits the error back to the client } else { if (strlen(stristr($query,"SELECT"))>0) { //tests if it's a SELECT statement $csv = ''; // bug fix Undefined variable: csv while ($fieldinfo = $result->fetch_field()) { $csv .= $fieldinfo->name.","; } $csv = rtrim($csv, ",")."\n"; echo $csv; //prints header row $csv = ''; $result->data_seek(0); while($row = $result->fetch_assoc()){ foreach ($row as $key => $value) { $csv .= $value.","; } $csv = rtrim($csv, ",")."\n"; } echo $csv; //prints all data rows } else { header("HTTP/1.0 201 Rows"); echo "AFFECTED ROWS: " . $conn->affected_rows; //if the query is anything but a SELECT, it will return the number of affected rows } } $conn->close(); //closes the DB } } else { header("HTTP/1.0 400 Bad Request"); echo "Bad Request"; //reports if the secret key was bad } } else { header("HTTP/1.0 400 Bad Request"); echo "Bad Request"; } ?>

Moushampatra26891 · August 31, 2021, 5:44am

Let me see that. I will reply soon

Peter · August 31, 2021, 5:48am

Peter · August 31, 2021, 5:48am

Peter · August 31, 2021, 5:49am

You are using an extension by Deephost. We do not allow questions about extensions from Deephost since he doesn’t support them. We strongly advise you not to use them. I unlist and close this.