[RESOLVED] Problem with mysqli_real_escape_string
Results 1 to 8 of 8

Thread: [RESOLVED] Problem with mysqli_real_escape_string

  1. #1
    Silver surfer
    Join Date
    Nov 2007
    Posts
    89

    resolved [RESOLVED] Problem with mysqli_real_escape_string

    In my registration page When I try to register a new person with the registration page I get this Notice/Warning message:

    // Create a connection to the logindb database. // Set the encoding and the access details as constants: DEFINE ('DB_USER', 'william'); DEFINE ('DB_PASSWORD', 'kat0nlap'); DEFINE ('DB_HOST', 'localhost'); DEFINE ('DB_NAME', 'logindb'); // Make the connection: $dbcon = new mysqli('DB_HOST', 'DB_USER', 'DB_PASSWORD', 'DB_NAME'); // Set the encoding...optional but recommended mysqli_set_charset($dbcon, 'utf8');

    Notice: Undefined variable: dbcon in C:\xampp\htdocs\login\register-page.php on line 36

    Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, null given in C:\xampp\htdocs\login\register-page.php on line 36

    The notice/warning is repeated for each element where mysqli_real_escape_string is used.

    The relevant first section of the registration page is as follows:

    <!doctype html>
    <html lang=en>
    <head>
    <title>Register page</title>
    <meta charset=utf-8><!--important prerequisite for escaping strings -->
    <link rel="stylesheet" type="text/css" href="styles.css">
    <style type="text/css">
    p.error { color:red; font-size:105%; font-weight:bold; text-align:center; }
    </style>
    </head>
    <body>
    <div id="container">
    <header>
    <?php include("register-header.php"); ?>
    </header>
    <nav>
    <?php include("nav.php"); ?>
    </nav>
    <aside>
    <?php include("info-col.php"); ?>
    </aside>
    <div id="content"><!-- Start of the page content. -->
    <p>
    <?php
    // This script performs an INSERT query that adds a record to the users table.
    // If the form was filled out the PHP code is executed
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    try { // moved here for escape_strings
    require ('mysqli_connect.php'); // moved for require escape strings
    $errors = array(); // Initialize an error array.
    // --------------------Validate first name-------------
    // Was the first name entered?
    if (empty($_POST['fname'])) {
    $errors[] = 'You did not enter your first name.';
    }
    else { $fn = mysqli_real_escape_string($dbcon, trim($_POST['fname']));
    }

  2. #2
    Pedantic Curmudgeon Weedpacket's Avatar
    Join Date
    Aug 2002
    Location
    General Contact Unit "Coping Mechanism"
    Posts
    22,503
    When posting code, please use the code formatting tags to format your post to make it easier to read.

    The error messages are saying that $dbcon is not defined. Check that.
    THERE IS AS YET INSUFFICIENT DATA FOR A MEANINGFUL ANSWER
    FAQs! FAQs! FAQs! Most forums have them!
    Search - Debugging 101 - Collected Solutions - General Guidelines - Getting help at all

  3. #3
    Silver surfer
    Join Date
    Nov 2007
    Posts
    89
    Hello Weedpacket

    Many thanks for your prompt reply.

    The $dbcon is defined, and this is what is so frustrating.

    It is defined in the file named mysqli_connect.php which contains the following code:

    // Create a connection to the logindb database.
    // Set the encoding and the access details as constants:
    DEFINE ('DB_USER', 'william');
    DEFINE ('DB_PASSWORD', 'kat0nlap');
    DEFINE ('DB_HOST', 'localhost');
    DEFINE ('DB_NAME', 'logindb');
    // Make the connection:
    $dbcon = new mysqli('DB_HOST', 'DB_USER', 'DB_PASSWORD', 'DB_NAME');
    // Set the encoding...optional but recommended
    mysqli_set_charset($dbcon, 'utf8');

    The file is then invoked in the registration page in the line:

    // This script performs an INSERT query that adds a record to the users table.
    // If the form was filled out the PHP code is executed
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    try { // moved here for escape_strings
    require ('mysqli_connect.php'); // moved for require escape strings

    Best wishes
    Awestruck

  4. #4
    High Energy Magic Dept. NogDog's Avatar
    Join Date
    Aug 2006
    Location
    Ankh-Morpork
    Posts
    14,843
    Is the definition working?
    PHP Code:
    // Make the connection:
    $dbcon = new mysqli('DB_HOST''DB_USER''DB_PASSWORD''DB_NAME');
    // did it work?
    if($dbcon == false){
        die(
    "DB connection failed: ".mysqli_connect_error());

    You could make more user-friendly error-reporting, but this will at least let you know if that's where the problem is.
    "Well done....Consciousness to sarcasm in five seconds!" ~ Terry Pratchett, Night Watch

    How to Ask Questions the Smart Way (not affiliated with this site, but well worth reading)

    My Blog
    cwrBlog: simple, no-database PHP blogging framework

  5. #5
    High Energy Magic Dept. NogDog's Avatar
    Join Date
    Aug 2006
    Location
    Ankh-Morpork
    Posts
    14,843
    Oh...wait...you define your connection parameters as constants but use them as strings. Don't quote constants:
    PHP Code:
    // Make the connection:
    $dbcon = new mysqli(DB_HOSTDB_USERDB_PASSWORDDB_NAME); 
    PS: Make sure you change your DB password since you've shown it here.
    "Well done....Consciousness to sarcasm in five seconds!" ~ Terry Pratchett, Night Watch

    How to Ask Questions the Smart Way (not affiliated with this site, but well worth reading)

    My Blog
    cwrBlog: simple, no-database PHP blogging framework

  6. #6
    Senior Member
    Join Date
    Apr 2016
    Posts
    121
    If the output you are seeing on the web page contains the raw content of the mysqli_connect.php file, that file most likely doesn't contain an opening <?php tag.
    Programming should not be a painful activity. If you are experiencing pain while programming, you are probably doing something wrong.

  7. #7
    Silver surfer
    Join Date
    Nov 2007
    Posts
    89
    Many thanks NogDog and pbismad,

    A combination of your two replies solved the problem.

    Another problem has now occurred further down the code for the registration page.
    I will get back to you on that tomorrow.

    The password I displayed in the above code is not the actual password.

    Best wishes
    Awestruck

  8. #8
    Settled 4 red convertible dalecosp's Avatar
    Join Date
    Jul 2002
    Location
    Accelerating Windows at 9.81 m/s....
    Posts
    8,493
    Quote Originally Posted by Weedpacket View Post
    When posting code, please use the code formatting tags to format your post to make it easier to read.
    Quote Originally Posted by Awestruck View Post
    Hello Weedpacket

    Many thanks for your prompt reply.

    The $dbcon is defined, and this is what is so frustrating.

    It is defined in the file named mysqli_connect.php which contains the following code:

    // Create a connection to the logindb database.
    // Set the encoding and the access details as constants:
    DEFINE ('DB_USER', 'william');
    DEFINE ('DB_PASSWORD', 'kat0nlap');
    DEFINE ('DB_HOST', 'localhost');
    And for the record, here at PHPBuilder those tags are [php][/php] for PHP code and [code][/code] for other languages/systems.
    /!!\ mysql_ is deprecated --- don't use it! Tell your hosting company you will switch if they don't upgrade! /!!!\ ereg() is deprecated --- don't use it!

    dalecosp "God doesn't play dice." --- Einstein "Perl is hardly a paragon of beautiful syntax." --- Weedpacket

    Getting Help at All --- Collected Solutions to Common Problems --- Debugging 101 --- Unanswered Posts --- OMBE: Office Machines, Business Equipment

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •