#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2013
    Posts
    100
    Rep Power
    0

    Mysqli_connect_errno ??


    $mysqli = new mysqli($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);

    if (mysqli_connect_errno()) {

    printf("Connect failed: %s\n", mysqli_connect_error());

    exit();

    Why we are using mysqli_connect_errno() in parameter and in statement we are using msqli_connect_error() ??
    What is the reason for it?
  2. #2
  3. Transforming Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,295
    Rep Power
    9400
    Because they do two different things. Read the documentation.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2013
    Posts
    100
    Rep Power
    0

    hmm


    Originally Posted by requinix
    Because they do two different things. Read the documentation.
    Hmm got it !
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Hi,

    stop fumbling with this "errno" stuff and enable exceptions instead:

    PHP Code:
    <?php

    // enable exceptions in MySQLi driver
    $mysqli_driver = new mysqli_driver();
    $mysqli_driver->report_mode MYSQLI_REPORT_ERROR MYSQLI_REPORT_STRICT;

    $database = new mysqli('localhost''user''pw''db');
    This will automatically throw an exception (a special fatal error) whenever the connection or a query goes wrong.

    Writing your own error messages with printf(), die() or whatever is a bad idea and a huge security risk, because you lose control over your error reporting. Actual error messages can be turned on and off globally, so you can display them during development and suppress them when the site goes live. But a printf() cannot be turned off. It always fires, regardless of whether it's you testing your site on your local PC or a visitor looking at the site on the Internet.

    Displaying internal database errors irritates legitimate users and helps attackers to gather information about your system. Not exactly a good outcome, right? So get away from this home-made error reporting and use real error reporting, either with exceptions or with trigger_error().

    Check the security sins in my signature for a longer explanation.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2013
    Posts
    100
    Rep Power
    0
    Originally Posted by Jacques1
    Hi,

    stop fumbling with this "errno" stuff and enable exceptions instead:

    PHP Code:
    <?php

    // enable exceptions in MySQLi driver
    $mysqli_driver = new mysqli_driver();
    $mysqli_driver->report_mode MYSQLI_REPORT_ERROR MYSQLI_REPORT_STRICT;

    $database = new mysqli('localhost''user''pw''db');
    This will automatically throw an exception (a special fatal error) whenever the connection or a query goes wrong.

    Writing your own error messages with printf(), die() or whatever is a bad idea and a huge security risk, because you lose control over your error reporting. Actual error messages can be turned on and off globally, so you can display them during development and suppress them when the site goes live. But a printf() cannot be turned off. It always fires, regardless of whether it's you testing your site on your local PC or a visitor looking at the site on the Internet.

    Displaying internal database errors irritates legitimate users and helps attackers to gather information about your system. Not exactly a good outcome, right? So get away from this home-made error reporting and use real error reporting, either with exceptions or with trigger_error().

    Check the security sins in my signature for a longer explanation.

    You know friends ... I am on initial phase of PHP so my teacher told me to understand the basic by this old system then head along with new one. Thanks very much for all this kind information ! ... As time passes I`ll get on the track with new codes so please keep me guiding with old one to understand the PHP !

IMN logo majestic logo threadwatch logo seochat tools logo