4

On one of my servers I've had a strange thing happen.

Normally, when a script does mysql_query($query) it just works if mysql_connect() was successfully called beforehand.

Now, it isn't working more than half the time. Now I've suddenly had to edit an entire shopping cart worth of mysql_query calls to include what used to be an optional DB link. In other words mysql_query($query, $db_link) is now what the code looks like.

I've done this temporarily so that visitors can still use the site but I really need to know what could have caused such an event.

Is there some setting that could have somehow changed in one of the php.ini files that would cause this? I know I wasn't touching them when this happened and I was the only one logged into the server at the time (as far as I can tell).

eComEvo
  • 11,669
  • 26
  • 89
  • 145
  • Are you sure there isn't another `mysql_connect()` now occurring in your scripts? I don't believe this behavior is configurable. – Brad Jul 29 '13 at 02:34
  • Can I get the link to the shopping cart that uses `mysql_?` – Ohgodwhy Jul 29 '13 at 02:38
  • @Ohgodwhy: Every shopping cart on the web still using old code. There's probably a lot of them. :) – Herbert Jul 29 '13 at 03:10
  • @Herbert Yes, very sadly, most of them do. I use PDO code whenever I can. So much more flexible and so much easier to make fault tolerant! – eComEvo Jul 29 '13 at 14:17

1 Answers1

2

Calling mysql_query() without a connection parameter will use the most recently established connection. So as long as you're only connecting to one database, you won't see any problems.

From the docs:

If the link identifier is not specified, the last link opened by mysql_connect() is assumed. If no such link is found, it will try to create one as if mysql_connect() was called with no arguments. If no connection is found or established, an E_WARNING level error is generated.

If you add or include some new code that's connecting to a different database though - perhaps a hit tracker, or an analytics tool, for example - then that can break your existing code because it establishes another mysql connection - and any of your queries that happen after that new connection is established will now be using the wrong connection.

This will happen even if the extra code is properly written and always uses its own connection identifier - it won't have problems of accidentally using your connection, but your code will still accidentally use its connection.

To safely use mysql_query(), you really need to keep track of the database connection, and use it in every query.

All that being said - if you're making changes to all the mysql_* calls anyways, please consider switching to mysqli. The mysql_* functions are deprecated and no longer supported. The mysqli extension can be almost a drop-in replacement, and also provides support for features such as prepared statements.

The PDO extension is another possible replacement, but would require a bit more rewriting when switching from using mysql_*.

Community
  • 1
  • 1
jcsanyi
  • 8,133
  • 2
  • 29
  • 52
  • So, I'm not a fan of the old mysql_* functions. Most of my classes I've developed use PDO. Could my classes that use PDO be causing these conflicts with the mysql_* procedural functions? I do know the PDO ones sometimes connect across databases. – eComEvo Jul 29 '13 at 14:13
  • As far as I know, only `mysql_connect()` connections will be used when determining the default (most-recently established) connection for `mysql_query()`. – jcsanyi Jul 29 '13 at 15:52