#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2013
    Location
    Colorado
    Posts
    11
    Rep Power
    0

    Database unexpected error


    Okay, so a little forward to explain what I'm doing. I'm trying to learn php, I've tried to use books before to no avail. I got discouraged after several attempts a few years ago and got the urge to really dive in no matter how frustrating it is and immerse myself. So I thought I would follow a blog tutorial and then try to look up ways to improve upon it and add new features and tinker with it.

    I tried to follow a different tutorial to build a forum from scratch so that I could just practice things to get the repetitiveness and get comfortable writing the code out instead of copy and pasting.

    In this code, you'll see at the body of the last part I am trying to call to the database to get the list of categories, but I get the error I told it to print if there was an error. I can't figure out what is wrong. I also apologize if the code is ugly or if I have unnecessary stuff in there.

    PHP Code:

    <?php

    session_start
    ();

    include_once(
    '../includes/config.php');

    if(isset(
    $_SESSION['logged_in'])) {
        
    ?>
    <html>
        <head>
            <title>Janden's Forum Experiment</title>
            <link rel="stylesheet" href="../assets/style.css" />
        </head>
        
        <body>
            <div class="container">
                <a href="index.php" id="logo">Janden's Forum Experiment</a>
                <br><?php if(isset($_SESSION['logged_in'])) { echo '<small style="color:red">You are logged in as a mother****er right now.</small>'; }
            
                if(isset(
    $error)) { ?>
                    <small style="color:#aa0000;"><?php echo $error?>
                    <br /><br />    
                <?php ?>
                <br><br>
    <!--Displays a little menu below the content. If a user is logged in, it will give the option to logout.-->
                <small><a href="../index.php">home</a></small>&nbsp;&nbsp;<small><a href="../admin">admin</a></small>&nbsp;&nbsp;<small><a href="index.php">forum</a></small>&nbsp;&nbsp;<?php if(isset($_SESSION['logged_in'])) { echo '<small><a href="logout.php">Logout</a></small>'; }?>
                </ul>
            </div>
            </div>
        </body>
    </html>

        <?php 
    } else {
        if(isset(
    $_POST['username'], $_POST['password'])) {
            
    $username $_POST['username'];
            
    $password md5($_POST['password']);
            
            if(empty(
    $username) or empty($password)) {
                
    $error 'All fields are required, mother****er!';
            } else {
                
    $query $pdo->prepare("SELECT * FROM users WHERE user_name = ? AND user_password = ?");
                
                
    $query->bindValue(1$username);
                
    $query->bindValue(2$password);    
                
                
    $query->execute();
                
                
    $num $query->rowCount();
                
                if (
    $num == 1) {
                    
    // user entered correct details
                    
    $_SESSION['logged_in'] = true;
                    
    header('Location: index.php');
                    exit();
                } else {
                    
    // user entered false details 
                    
    $error 'You could not be more wrong.';
                }
            } 
        }
        
        
    ?>
        
    <html>
        <head>
            <title>Janden's Forum Experiment</title>
            <link rel="stylesheet" href="../assets/style.css" />
        </head>
        
        <body>
            <div class="container">
                <a href="index.php" id="logo">Janden's Forum Experiment</a>
                
                <br>
                <br>
                
                <?php if(isset($error)) { ?>
                    <small style="color:#aa0000;"><?php echo $error?>
                    <br>
                    <br>    
                <?php ?>
                <form action="index.php" method="post" autocomplete="off">
                    <input type="text" name="username" placeholder="Username" />
                    <input type="password" name="password" placeholder="Password" />
                    <input type="submit" value="Login" />
                </form>
                <br>
                <small><a href="../index.php">home</a></small>&nbsp;&nbsp;<small><a href="../admin/index.php">admin</a></small>&nbsp;&nbsp;<small><a href="index.php">forum</a></small>
            </div>
        </body>
    </html>

    <?php
    }
    $query "SELECT * FROM 'categories' ORDER BY 'id';";
    $result = @mysql_query("$query") or die('<p class="error">There was an unexpected error grabbing **** from the database.</p>');  
      
    ?><ul><!--?  
    </pre--><p>On the first line, we create a new SQL query to "Retrieve all fields from the 'categories' table, order them descending by the 'ID'".</p><p>On the second line we execute the query and store it in $result. We now:</p><pre name="code" class="php">while ($row = mysql_fetch_array($result)) {  
      
        $etitle = stripslashes($row['category_title']);  
        $edescr = stripslashes($row['category_description']);  
        $elastpost = stripslashes($row['last_post_date']);  
          
        $grav_url = "(the web address would go here )".md5(strtolower($eemail))."&size=70";   
          
        echo('<li><div class="meta"><img src="'.$grav_url.'" alt="Gravatar"> 
        <p>'.$ename.'</p></div><div class="shout"><p>'.$epost.'</p></div></li>');  
      
    }  
    ?></pre></ul>  

    ?>
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Intermediate (1500 - 1999 posts)

    Join Date
    Sep 2006
    Posts
    1,947
    Rep Power
    533
    What does your error say? I think it has something to do with your excessive quotes. Also, why not stick with PDO for all query calls. I would recommend something like the following. Lastly, try to get out of the habit of using SELECT *, and specifically call out the columns you want.

    PHP Code:
    function sql_error($e,$sql)
    {
        
    $error=
        
    'Error in query:<br />'
        
    .$sql.'<br />'
        
    .$e->getMessage().'<br />
        File Name: '
    .$e->getFile().'<br />
        Line: '
    .$e->getLine().'<br />
        Time of Error: '
    .date("l F j, Y, G:i:s T");
        if (
    stristr($_SERVER['HTTP_HOST'], 'local') || (substr($_SERVER['HTTP_HOST'], 07) == '192.168')){echo($error);}
        else{
    syslog(LOG_INFO,'SQL Error '.$sql.', '.$e->getMessage().', file:'.$e->getFile().' line:'.$e->getLine());}
    }



    try
    {
        
    $sql"SELECT * FROM categories ORDER BY id";
        
    $sql$pdo->query($sql);
    }
    catch(
    PDOException $e){die(sql_error($e,$sql));} 
  4. #3
  5. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    Hi janden,

    I strongly advice you to stop copying and pasting code. A lot of the free PHP code you'll find online is crap. It was written by clueless amateurs somewhere in the 90s and has never been update since. It's full of security holes, bad practices and obsolete stuff. Many functions they use -- including your mysql_query() -- do not even exist any longer or are on their way of being killed off.

    If you wanna learn PHP, you need to write your own code. It won't be perfect at first, but it will be your code. You'll actually learn from it, because you know what it does. And if you're willing to learn and improve, you'll surpass 99% of the PHP tutorial writers very soon.

    Don't start with a big project you can hardly pull off. Choose something simple like a guest book or a calender. Learn how to use PDO, which is the current database interface for PHP (this mysql_ stuff is long obsolete). Also inform yourself about the security risks you'll be facing as a web programmer. When your first project is finished and you're satisfied with it, then you might start with bigger stuff.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  6. #4
  7. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2013
    Location
    Colorado
    Posts
    11
    Rep Power
    0
    Thanks a ton, and esp. for the advice. My plan was to immerse myself in php and I figured there were a lot more elements that were common amongst web applications that I'd get a look at quicker. I never just copy and past the code, I type it all out, and I try to find only tutorials that are recent.

    My thinking behind that was that I realize there would be good code and not so good code out there, but it would still be better code than I know. I only wanted to use it to get a structure down for something I can use, so the blog tutorial was a great start for me.

    I agree that it's better to try to figure it out on your own, I've been able to update a lot of things in the code by looking up the documentation, but sometimes looking something up for a web app brings up mostly tutorials so I have to sift through and try to piece things together.

    Also, I actually did try to get the second thing to work with pdo but I couldn't figure it out completely. The pdo part was the only thing the guy in the blog tutorial didn't explain. Thanks again, though!

    Oh, and NotionCommotion, the error I got was from the or die part of the code:

    Code:
    or die('<p class="error">There was an unexpected error grabbing stuff from the database.</p>');

IMN logo majestic logo threadwatch logo seochat tools logo