php mysqli_query not executin either echo is showing in url

Question

I am not that good in php however the below code was working before I changed thr host name. the echo is not showing when I load the url , neither the insert is being executed.

$con = mysqli_connect($host,$uname,$pwd,$db);
echo 'hi'
$description= $_GET['description'];
$categorie= $_GET['categorie'];
$image=$_POST['image'];
$imagename = uniqid("uploaded_images").".png";
$imageurl="http://justedhak.com/".$imagename;

     $binary=base64_decode($image);
    header('Content-Type: bitmap; charset=utf-8');
    $file = fopen($imagename, 'wb');
    fwrite($file, $binary);
    fclose($file);

$sql="INSERT INTO OBJECTS( NAME, TYOE, URL, CATEGORY, USERS_ID, HIDE_YN ) 
VALUES ('$imagename',  'IMAGE',  '$imageurl',  'CATEG' , 1,  'N')";

 if(mysqli_query($con,$sql)){
echo $sql
}
else{
echo 'failure';
  }
mysqli_close($con);

Errors

Warning: mysqli_connect(): (28000/1045): Access denied for user 'je_user'@'ip-160-153-162-16.ip.secureserver.net' (using password: YES) in /home/justdb/public_html/upload_image.php on line 7

Notice: Undefined index: description in /home/justdb/public_html/upload_image.php on line 9

Notice: Undefined index: categorie in /home/justdb/public_html/upload_image.php on line 10

Notice: Undefined index: image in /home/justdb/public_html/upload_image.php on line 11

Warning: Cannot modify header information - headers already sent by (output started at /home/justdb/public_html/upload_image.php:6) in /home/justdb/public_html/upload_image.php on line 16

Warning: mysqli_query() expects parameter 1 to be mysqli, boolean given in /home/justdb/public_html/upload_image.php on line 24

Warning: mysqli_close() expects parameter 1 to be mysqli, boolean given in /home/justdb/public_html/upload_image.php on line 30

Which hostname? the one which links the image? or the one which is `$host` for mysql? if it's `$host` Please can you post the code which defines $host and also provide information about your server setup. i.e. is the web server and mysql server hosted on a local machine? in the cloud on a server somewhere? Have you tried changing back what you changed and then investigating the problem from there? — Adam Copley, Feb 09 '16 at 15:34
You are vulnerable to [sql injection attacks](http://bobby-tables.com). and if the echo doesn't show up, then mysqli probably isn't enabled/installed, and you've got error_reporting/display_errors turned off. — Marc B, Feb 09 '16 at 15:35
This sounds like a great opportunity for you to familiarize yourself with some debugging practices. Turn on error reporting, check the SQL query for errors, check the PHP and server logs, even put in some echo statements throughout the code to see what's happening when it executes. — David, Feb 09 '16 at 15:35
@AdamCopley godaddy hosting , and what do you mean by `$host` i didnt define anything for that , the server setup i guess was automaticaly set up with go daddy — Moudiz, Feb 09 '16 at 15:36
@MarcB well you know better if there will be sql injection, i will work on that how to enable error reporting on ? — Moudiz, Feb 09 '16 at 15:38
error reporting would have thrown you a parse error for this `echo $sql` IF, that's your actual code and is off-topic. check for errors against your query also. — Funk Forty Niner, Feb 09 '16 at 15:38
@Fred-ii- the query is correct , I have run it manualy , and yes its my acuatl code — Moudiz, Feb 09 '16 at 15:41
Add error reporting to the top of your file(s) right after your opening PHP tag for example ` — Funk Forty Niner, Feb 09 '16 at 15:42
May be column name should be `TYPE` instead of `TYOE` in this line `$sql="INSERT INTO OBJECTS( NAME, TYOE, URL, CATEGORY...` — Nana Partykar, Feb 09 '16 at 15:43
@NanaPartykar no its tyoe , a mistake from me when i created the table — Moudiz, Feb 09 '16 at 15:44
@NanaPartykar good catch and sql error checking will catch that if that is the case; unknown column *blah blah blah* ;-) — Funk Forty Niner, Feb 09 '16 at 15:44
@Fred-ii- i did that still nothing is showing , how to know if go daddy hosting is enabling mysqli ? i was at ipage hosting , my friend was hosting there but now i move to god daddy hosting it seems they deosnt suppoirt mysqli .. — Moudiz, Feb 09 '16 at 15:44
@Moudiz you need to contact them and is out of scope for the question. run `` and see what comes up in a test PHP file. You are using a `.php` extension, *right?* and not `.html`? — Funk Forty Niner, Feb 09 '16 at 15:46
@Fred-ii- ofcourse .php thanks for your support , anyway now when i click on the link I am able to see errors , hopefuly i can fix them — Moudiz, Feb 09 '16 at 15:48
*"and what do you mean by $host i didnt define anything for that"* - well, if you didn't define those variables, nothing's going to run in your sql. that would only throw you undefined variables etc. connection manual is http://php.net/manual/en/function.mysqli-connect.php — Funk Forty Niner, Feb 09 '16 at 15:49
After fixing those error, please let us know what was the actual error. *I am waiting* — Nana Partykar, Feb 09 '16 at 15:49
@Fred-ii- ah ofcourse the credentials , ofcourse i defined them correctly — Moudiz, Feb 09 '16 at 15:50
@NanaPartykar well if you click on the link you ll see them http://justedhak.com/upload_image.php stupid errors — Moudiz, Feb 09 '16 at 15:51
well those errors are most likely due to your HTML form and suspect many things. something you didn't post — Funk Forty Niner, Feb 09 '16 at 15:52
@Fred-ii- I am trying to find out honestly, the first one is obvious , so ill fix it then ill see the others — Moudiz, Feb 09 '16 at 15:52
and this `Warning: Cannot modify header information - headers already sent by` besides your other errors, is obvious there's ouput before it and that can mean many many things and caused by one or many. — Funk Forty Niner, Feb 09 '16 at 15:53
@Fred-ii- can we go to a chat and ask you some questions, is it possible ? such question like in the $host i added the ip of my website, but I am getting error from it , — Moudiz, Feb 09 '16 at 15:57
@Fred-ii- hi man i dont know if i need to post it as new question but I am having error `Access denied for user 'justdb'@'ip-160-153-162-16.ip.secureserver.net' (using password: YES` however the username and password is correct( the username and pass are related to cpanel) and the ip also from the cpanel menu , why I am still getting this issue? — Moudiz, Feb 09 '16 at 16:26
new question, yes. plus, I feel that you accepted the answer below for the wrong reason as it does not fully address the real problem here and you are basically sending out the wrong message. — Funk Forty Niner, Feb 09 '16 at 16:29
@Fred-ii- i have removed the accept , and yes i solved my problem, I had to add localhost in $host — Moudiz, Feb 09 '16 at 16:32

score 1 · Accepted Answer · edited May 23 '17 at 11:59

Foreword:

It has already been established that you have added the missing semi-colons for both echo 'hi' and echo $sql, so there's no need for my repeating it.

Seeing all of those undefined index notices, that could mean that your form's method may not be using the same as your GET/POST arrays, something you did not include in your original question; these are likely possible reasons.

Or, that you are using both your HTML and PHP inside the same file and that is the case, your HTML form may be on top of your PHP, in turn throwing the headers sent notice and that you need to use either isset() or empty() against your GET/POST arrays.

There should not be any output before header and that could also be caused by a cookie, a space before the <?php opening tag, or the file's encoding; which could also be a byte order mark.

Here are a few links that are directly related to the issues you are having.

Plus, it was already noted that your code is open to an SQL injection.

References:

php mysqli_query not executin either echo is showing in url

1 Answers1