| Problems connecting to a database
Hi guys, I am having problems connecting to a database and I need some help correcting the issue. Here is the code I am using:
<?php
$hostname='localhost'; //// specify host, i.e. 'localhost'
$user=''; //// specify username
$pass=''; //// specify password
$dbase=''; //// specify database name
$connection = mysql_connect("$hostname" , "$user" , "$pass")
or die ("Can't connect to MySQL");
$db = mysql_select_db($dbase , $connection) or die ("Can't select database.");
?>
The database is set up as localhost > vmail > alias.
alias is where I am putting the information in. |
|
 | That should work, supposing of course that you had valid values in place of the blanks shown where you set $user, $pass, and $dbase.
What happens when you do that? What error do you get back? -- Scott Brown Consulting |
|
|
|
 usa2kBlessedPremium,MVM join:2003-01-26 Canton, MI kudos:3
| reply to treichhart
$db = mysql_select_db($dbase , $connection) or die ("Can't select database:\n" . mysql_error());
Like suggested, examine the error
»php.net/manual/en/function.mysql-connect.php |
|
 | reply to treichhart I am getting an error saying can't connect database |
|
 | Then $hostname, $user and $pass are invalid. |
|
 | reply to treichhart When I put the correct information in I still get can't connect to the database.
I took out that information before I posted it here for security reasons. |
|
 usa2kBlessedPremium,MVM join:2003-01-26 Canton, MI kudos:3 | What are you running on? Local, wampserver would use databasename whatever you pick. On a LINUX host it could be accountname_databasename
Or a case sensitive issue ... something like that. Does $user have access to that database? |
|
| reply to treichhart Alright, I found out the issue: it was the coding in the pages I was having, because it had id for the main part for lookup.
But now when I add the address, the index.php page shows the database empty, but when I log in to my phpMyAdmin it shows the addresses in there.
The main database only has these 2 settings:
address: goto:
If anybody wants to take a look at my coding of my other pages I am more than happy to post it. |
|
 | reply to treichhart Alright, I was able to get the script to add names but I am having issues deleting from the database and updating. Here is what I saw when my phpMyAdmin tries to update:
UPDATE `vmail`.`alias` SET `goto` = 'someuser@gmail.com' WHERE `alias`.`address` = user@nwohiobb.com';
And this is what I have in my update script:
$update = "UPDATE alias SET address = '$address', goto = '$goto', domain = '$domain' WHERE address = '$address' ";
That part is for my updated.php page, and here is a bit of my update.php page code:
<?php
include("connect.php");
$qP = "SELECT * FROM alias WHERE address = '$address' ";
$rsP = mysql_query($qP);
$row = mysql_fetch_array($rsP);
extract($row);
$address = trim($address);
$goto = trim($goto);
$domain = trim($domain);
What do I need to fix there? Then on the delete, this is what I see when my phpMyAdmin tries to delete:
DELETE from 'vmail','alias' WHERE 'alias','address'='user@nwohiobb.com
But here is what I have in my script on the deleted.php page:
$delete = "DELETE FROM alias WHERE alias = '$address' ";
Here is the coding of my delete pages:
delete.php:
<?php
$id = $_GET['address'];?>
<div align="center">
<h2>Are you sure?</h2>
<h2><a href="deleted.php?id=<?php echo "$id" ?>">Yes</a> - <a href="index.php">No</a></h2>
</div>
Then deleted.php page code
<a href="index.php">Back to List</a><br>
<br>
<?php
include("connect.php");
$id = $_GET['address'];
$delete = "DELETE FROM alias WHERE alias = '$address' ";
mysql_query($delete);
mysql_close();
echo "Entry deleted";
?>
|
|
 | There are a lot of typos in your code excerpts which make it difficult to help you. Immediately, your code as shown is extremely vulnerable to sql injection, and should not be deployed in a public facing posture, lest your database be wrecked in no time. Not the help you're looking for I know but I'd be remiss not to say. -- Scott Brown Consulting |
|
 | reply to treichhart Well they would have to find the code first of all and nobody can even access the page.
So what can I do to get this fixed? |
|
 | They use automated tools to mine for the exact sql injection attack code. It's not hard because your html form provides most of what the tool needs to know, then it just tries several standard values. You can protect against injection by filtering any user input through mysql_real_escape_string() before you pass it into a query. -- Scott Brown Consulting |
|
 stray join:2000-01-16 Warren, NJ | reply to treichhart One obvious error is that you're invoking deleted.php from delete.php like this:
deleted.php?id=
but inside deleted.php you're doing a $_GET on 'address'
$_GET['address'];
In order to $_GET 'address', you'd need to invoke deleted.php like this:
deleted.php?address=
not
deleted.php?id=
I don't see the code that calls delete.php, so you may also have a $_GET problem there...
-- V-Rtifacts - When Virtual Reality Was More Than Virtual |
|
 stray join:2000-01-16 Warren, NJ | reply to treichhart Assuming that somebody is typing in the string that becomes $address, all they have to do to delete the entire contents of the table is to type in:
' OR 1'
including the single quotes. You wind up with this query:
DELETE FROM alias WHERE alias = '' OR 1
-- V-Rtifacts - When Virtual Reality Was More Than Virtual |
|
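Added example (not code from any poster in this thread): the concatenated DELETE discussed above next to a prepared-statement version, plus an escaped confirm link for delete.php. It assumes PDO with an in-memory SQLite table standing in for the MySQL alias table; the function names and sample rows are constructed.

```php
<?php
// Added example, not the poster's code. An in-memory SQLite table stands in
// for MySQL vmail.alias so the script runs offline; all rows are constructed.
function freshDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE alias (address TEXT PRIMARY KEY, "goto" TEXT)');
    $ins = $db->prepare('INSERT INTO alias (address, "goto") VALUES (?, ?)');
    foreach (['test7@domain.com', 'test8@domain.com', 'test9@domain.com'] as $a) {
        $ins->execute([$a, 'someuser@example.com']);
    }
    return $db;
}

// Pattern from the thread: request input concatenated into the SQL text,
// so quotes in the input become part of the statement.
function deleteConcatenated(PDO $db, string $address): int {
    return $db->exec("DELETE FROM alias WHERE address = '$address'");
}

// Hardened: the SQL text is fixed and the value travels as a bound parameter,
// so it is only ever compared against the address column.
function deletePrepared(PDO $db, string $address): int {
    $stmt = $db->prepare('DELETE FROM alias WHERE address = :address');
    $stmt->execute([':address' => $address]);
    return $stmt->rowCount();
}

// delete.php confirm link: URL-encode the value, then HTML-escape the attribute.
function confirmLink(string $address): string {
    $href = 'deleted.php?address=' . rawurlencode($address);
    return '<a href="' . htmlspecialchars($href, ENT_QUOTES, 'UTF-8') . '">Yes</a>';
}

$input = "' OR '1'='1";  // constructed input of the kind described above

$n = deleteConcatenated(freshDb(), $input);
echo "concatenated query:  $n row(s) deleted\n";

$n = deletePrepared(freshDb(), $input);
echo "prepared, same input: $n row(s) deleted\n";

$n = deletePrepared(freshDb(), 'test7@domain.com');
echo "prepared, real address: $n row(s) deleted\n";

// Constructed address containing characters that would break out of the href.
echo confirmLink('a"b<c>@domain.com'), "\n";
```

With PDO's MySQL driver the prepare/execute calls are the same; only the DSN passed to the PDO constructor changes.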
 | reply to treichhart Alright I tried that correction and still not working for delete from the database. |
|
 stray join:2000-01-16 Warren, NJ | reply to treichhart Well... you might as well post your current code, if you want help.
As I read it:
DELETE FROM alias WHERE alias = '$address'
it says: delete row(s) from a table named alias where the table named alias is equal to the variable $address. Makes no sense.
MySQL syntax would try to say: delete row(s) from the table alias where some_column_in_the_table_alias is equal to $address.
Assuming 'alias' is a table within your current database, and 'the_email' is a column in that table, then the MySQL syntax would be:
DELETE FROM alias WHERE the_email = '$address'
Maybe you could start here: »www.w3schools.com/sql/default.asp
-- V-Rtifacts - When Virtual Reality Was More Than Virtual |
|
| reply to treichhart Alright when I delete the address inside of phpmyadmin it shows like this:
DELETE FROM `vmail`.`alias` WHERE `alias`.`address` = 'test7@domain.com';
this is the code from delete.php
<?php
$id = $_GET['address'];?>
<div align="center">
<h2>Are you sure?</h2>
<h2><a href="deleted.php?address=<?php echo "$id" ?>">Yes</a> - <a href="index.php">No</a></h2>
</div>
then this is deleted.php code
<a href="index.php">Back to List</a><br>
<br>
<?php
include("connect.php");
$id = $_GET['address'];
$delete = "DELETE FROM alias WHERE id = '$id' ";
mysql_query($delete);
mysql_close();
echo "Entry deleted";
?>
But the database of vmail is already selected, but it's getting table information from alias. |
|
 | You have to do DELETE FROM alias WHERE address = '$id' as opposed to DELETE FROM alias WHERE id = '$id'.
"id" is not a column of the table, "address" is. "$id" is a variable meaningful only in the scope of your php script.
You really have to do your own debugging, since you're in a much better position than us to set stop points in your code, issue diagnostic output, and consider and act upon it, like a normal person. |
|
 | reply to treichhart I got the issue fixed. What I did was this:
Inside my index.php it was this:
echo "<a href=\"update.php?id=$id\">Update</a> <a href=\"delete.php?id=$id\">Delete</a>";
to
"<a href=\"update.php?id=$id\">Update</a> <a href=\"delete.php?address=$address\">Delete</a>";
Then inside of delete.php switched to:
<?php
$address = $_GET['address'];?>
<div align="center">
<h2>Are you sure?</h2>
<h2><a href="deleted.php?address=<?php echo "$address" ?>">Yes</a> - <a href="index.php">No</a></h2>
</div>
from
<?php
$id = $_GET['address'];?>
<div align="center">
<h2>Are you sure?</h2>
<h2><a href="deleted.php?address=<?php echo "$id" ?>">Yes</a> - <a href="index.php">No</a></h2>
</div>
then inside of deleted.php switched to:
<a href="index.php">Back to List</a><br>
<br>
<?php
include("connect.php");
$address = $_GET['address'];
$delete = "DELETE FROM alias WHERE address = '$address' ";
mysql_query($delete);
mysql_close();
echo "Entry deleted";
?>
from:
<a href="index.php">Back to List</a><br>
<br>
<?php
include("connect.php");
$id = $_GET['address'];
$delete = "DELETE FROM alias WHERE id = '$id' ";
mysql_query($delete);
mysql_close();
echo "Entry deleted";
?>
|
|
 PToN join:2001-10-04 Houston, TX | reply to treichhart Why don't you just use a PHP framework...????
It would be easier for you to get it done and you'll be increasing the security of your code as frameworks automatically escape the queries...
CakePHP, CodeIgniter, Zend, Symfony
Just to name a few. |
|