Call to undefined function mysql_query() with Login

Question

When i execute my PHP code below i get a Fatal error and i'm not sure how to resolve it.

Thank you for your help

The Error

PHP Fatal error: Uncaught Error: Call to undefined function mysql_query() in /Applications/MAMP/htdocs/lprapp/config.php:23 Stack trace:#0 {main} thrown in /Applications/MAMP/htdocs/lprapp/config.php on line 23

Code

    <?php

    $user = 'root';
    $password = 'root';
    $db = 'inventory';
    $host = 'localhost';
    $port = 8888;

    $link = mysqli_init();
    $success = mysqli_real_connect(
       $link,
       $host,
       $user,
       $password,
       $db,
       $port
    );

    ?>
    <?php
    $username = $_POST['username'];
    $password = $_POST['password'];
    $sql = mysql_query("SELECT * FROM login WHERE username = '".$_POST['username']."' and password = '".md5($_POST['password'])."'");
    $row = mysql_num_rows($sql);
    if($rom > 0 )
    {
      session_start();
      $_SESSION['username'] = $_POST['username'];
      $_SESSION['password'] = $_POST['password'];
      echo "login done";
    }else {
      echo "fail login ";
    }

    ?>

Obligatory advice: Don't use mysql. Upgrade to mysqli at the very least. The environment you're on might actually use mysqli already; thus the error. — Carcigenicate, Sep 14 '16 at 14:33
@JonStirling Oh, you're right. I missed the top half of his code. — Carcigenicate, Sep 14 '16 at 14:34
`Call to undefined function mysql_query()` I'm guessing you're running PHP 7 where the `mysql_` extension isn't merely deprecated but has been removed completely. — CD001, Sep 14 '16 at 14:35

score 29 · Accepted Answer · answered Sep 14 '16 at 14:35

29

You are mixing mysql and mysqli

Change these lines:

$sql = mysql_query("SELECT * FROM login WHERE username = '".$_POST['username']."' and password = '".md5($_POST['password'])."'");
$row = mysql_num_rows($sql);

to

$sql = mysqli_query($success, "SELECT * FROM login WHERE username = '".$_POST['username']."' and password = '".md5($_POST['password'])."'");
$row = mysqli_num_rows($sql);

answered Sep 14 '16 at 14:35

The One and Only ChemistryBlob

7,864
10
36
69

5

Please note that this code is **wide open to [SQL injection](https://en.wikipedia.org/wiki/SQL_injection) attacks**, allowing basically anyone to view and modify your database. Instead of simply changing the API, please consider using **prepared statements** instead. See [How can I prevent SQL injection in PHP?](https://stackoverflow.com/q/60174/479156) on how you can do this. – Ivar Oct 11 '19 at 11:12

score 1 · Answer 2 · answered Sep 14 '16 at 14:35

1

You are mixing the deprecated mysql extension with mysqli.

Try something like:

$sql = mysqli_query($success, "SELECT * FROM login WHERE username = '".$_POST['username']."' and password = '".md5($_POST['password'])."'");
$row = mysqli_num_rows($sql);

answered Sep 14 '16 at 14:35

FrankSunnyman

241
3
13

score 0 · Answer 3 · answered Sep 14 '16 at 14:37

0

What is your PHP version? Extension "Mysql" was deprecated in PHP 5.5.0. Use extension Mysqli (like mysqli_query).

answered Sep 14 '16 at 14:37

Kostya Zhevlakov

257
1
5

score 0 · Answer 4 · answered Sep 14 '16 at 14:37

I would recommend that start using mysqli_() and stop using mysql_()

Check the following page: LINK

Warning This extension was deprecated in PHP 5.5.0, and it was removed in PHP 7.0.0. Instead, the MySQLi or PDO_MySQL extension should be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include: mysqli_affected_rows() PDOStatement::rowCount()

Try and use mysqli_() Or PDO

Call to undefined function mysql_query() with Login

4 Answers4

Linked