Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Whats wrong with my PHP/MySQL code ? 3

Status
Not open for further replies.

jw1234

Technical User
Oct 3, 2010
10
GB
I've done a little PHP in the past but this is probably a simple PHP/MySQL issue from a YouTube tutorial which the author say does work. Here's that tutorial



Now I am trying to do exactly this just with a few more fields we have a domain called and we are just trying to upload some pictures and text into a MySQL database, that's all for the moment.

This SHOULD store the picture and details in the database table called "properties" but there seems to be an error my error log is here from the domain.


--------------------------------
[Fri Jul 13 10:12:08 2012] [error] PHP Warning: mysql_connect() [<a href='function.mysql-connect'>function.mysql-connect</a>]: Access denied for user 'web233-smt-web_1'@'localhost' (using password: YES) in /home/sites/kenilworthcomputerrepairs.com/public_html/mobilepropertysearch.co.uk/StoreInfo.php on line 2, referer:
[Fri Jul 13 10:12:08 2012] [error] PHP Warning: mysql_select_db(): supplied argument is not a valid MySQL-Link resource in /home/sites/kenilworthcomputerrepairs.com/public_html/mobilepropertysearch.co.uk/StoreInfo.php on line 3, referer:
[Fri Jul 13 10:12:08 2012] [error] PHP Warning: file_get_contents() [<a href='function.file-get-contents'>function.file-get-contents</a>]: Filename cannot be empty in /home/sites/kenilworthcomputerrepairs.com/public_html/mobilepropertysearch.co.uk/StoreInfo.php on line 10, referer:

[Fri Jul 13 10:12:08 2012] [error] PHP Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in /home/sites/kenilworthcomputerrepairs.com/public_html/mobilepropertysearch.co.uk/StoreInfo.php on line 20, referer: ---------------------------------


HERE'S MY CODE FOR THE DATABASE STORING PART index.html is at
<?php
ini_set('display_errors',1);
error_reporting(E_ALL);

$conn = mysql_connect("localhost","web233-smt-web_1","web233-smt-web_1","john041066");
$db= mysql_select_db("properties",$conn);

if(!$db)
{
echo mysql_error();
}

$image = addslashes (file_get_contents($_FILES['image']['tmp_name']));
$imgtype = $image['mime'];

$salerent = $_POST['salerent'];
$proptype = $_POST['proptype'];
$bedrooms = $_POST['bedrooms'];
$address = $_POST['address'];
$price= $_POST['price'];

$q ="INSERT INTO properties VALUES('$image','$salerent','$proptype','$bedrooms','$address','$price')";
$r = mysql_query($q,$conn);

if($r)
{
echo "Information Stored Successfully";
}

else

{
echo mysql_error();
}

?>

Please can someone help me out ? I am sure this is reasonably easy

Thanks

John Wheatcroft
 
Hi
[ul]
[li]Do not use unchecked values in SQL statements. Use [tt]mysql_real_escape_string()[/tt] on each value to avoid SQL injection vulnerability.[/li]
[li]Double check the connection parameters to MySQL with your provider/system administrator. Your first and biggest problem is the connection. See if the database server is running, accepting connections, listening on the default port, the user exists, has permission to connect from remote location, the password is correct.[/li]
[li]Before trying to put the image into to database, some checks should be done. For example, whether a file was uploaded, the file is an image, the file size is in an accepted range.[/li]
[li]The line [tt]$imgtype = $image['mime'];[/tt] looks completely wrong. $image holds the raw data of your image, it is not an array.[/li]
[li]Regarding [tt]addslashes()[/tt], its documentations says :
addslashes() said:
It's highly recommended to use DBMS specific escape function
[/li]
[li]Personally I hate to store binary files in the database. The filesystem alone does it much better. The database is perfect to store the images' metadata so they can be easily searched/sorted, but there is no good[sup](*)[/sup] reason to also store the images themselves.[/li]
[/ul]
[small](*) Yes, there are reasons. Like consistent permission checking and monolithic dumps. I do not consider them good reasons.[/small]


Feherke.
[link feherke.github.com/][/url]
 
Hi and Thanks

Yes I know the database server is running and yes I have checked with the ISP that I have the parameters in the corerect order - so I know that that is all correct, no question about that.

I have watched the tutorial and it DOES actually work. I do not need to make the checks you are suggesting for this particular application at all as this is more of the admion side NOT the user side at all and the numbers concerned are small enough for it not to be an issue.

I'll modify the tutorial code to get it to work hopefully
 
Hi

John said:
Yes I know the database server is running and yes I have checked with the ISP that I have the parameters in the corerect order - so I know that that is all correct, no question about that.
Can you connect to the database with other tool, for example [tt]mysql[/tt], the MySQL command-line tool ?
Can you connect to the database from other machines ?


Feherke.
[link feherke.github.com/][/url]
 
Access denied for user 'web233-smt-web_1'@'localhost' (using password: YES) in ...

This tells me that either your password is incorrect, or said user does not have the correct permissions to connect to the database.

Looking at your connection:

Code:
$conn = mysql_connect("localhost","web233-smt-web_1","web233-smt-web_1","john041066");

Is your password the same as your user?
What would the john041066 be then?

I strongly suggest you take a look at the Php online manual, for the functions, their parameters, usage, and return values.





----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Web & Tech
 
Just a side thought on this issue. One of my clients kept images and other blob-type files in a MySql database and it worked great, but it only took a couple years for his nightly database backup dumps to become so large as to be completely unmanageable.

You may have a better backup/replication scheme in place than we had, but we wound up pulling the images from the database and writing them to the filesystem where a daily rsync process syncs up just the day's new files to an offsite backup, and our database dumps dropped from 100+GB to around 100MB.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top