Why can't I connect to the mySQL database through PHP?

Question

I am new to PHP and database design. I'm having trouble deleting a row from my database using PHP. I get these errors when I click the "delete" button on my webpage:

Warning: mysqli_connect(): MySQL server has gone away in H:\wamp64\www\cs3100hw3\hw3.php on line 63

Warning: mysqli_connect(): Error while reading greeting packet. PID=13284 in H:\wamp64\www\cs3100hw3\hw3.php on line 63

Warning: mysqli_connect(): (HY000/2006): MySQL server has gone away in H:\wamp64\www\cs3100hw3\hw3.php on line 63

Line 63 begins with $conn. Additionally, execution takes quite a while, so I assume there's some kind of timing out issue. I am using WampServer, if that makes a difference. Any help is appreciated!

<?php
    if(isset($_POST['delete'])) {
        $dbhost = 'localhost:8000';
        $dbuser = 'root';
        $dbpass = '';
        $db = 'hw2';
        $conn = mysqli_connect($dbhost, $dbuser, $dbpass, $db);

        if(! $conn ) {
           die('Could not connect: ' . mysql_error());
        }

        $last_name = $_POST['last_name'];

        $sql = "DELETE FROM hockeyplayers WHERE lastname = $last_name" ;
        mysqli_select_db('test_db');
        $retval = mysql_query( $sql, $conn );

        if(! $retval ) {
           die('Could not delete data: ' . mysql_error($conn));
        }

        echo "Deleted data successfully\n";

        mysqli_close($conn);
    }else {
        ?>
           <form method = "post" action = "<?php $_PHP_SELF ?>">
              <table width = "400" border = "0" cellspacing = "1" 
                 cellpadding = "2">

                 <tr>
                    <td width = "100">Last Name</td>
                    <td><input name = "last_name" type = "text" 
                       id = "last_name"></td>
                 </tr>

                 <tr>
                    <td width = "100"> </td>
                    <td> </td>
                 </tr>

                 <tr>
                    <td width = "100"> </td>
                    <td>
                       <input name = "delete" type = "submit" 
                          id = "delete" value = "Delete">
                    </td>
                 </tr>

              </table>
           </form>
        <?php
    }
  ?>

Did you set your server to be on port 8000? You are open to SQL injections and have written an invalid delete query. Also `mysql_query` and `mysql_error` dont work with `mysqli`. Additional, `` does nothing and if you echo that you should escape it so it is not XSS injectible. — chris85, Oct 15 '16 at 17:29
@hockysaint Kindly look at the first answer of the dupe for the solution. — Praveen Kumar Purushothaman, Oct 15 '16 at 17:30
maybe you have a 1B row table with a tablescan in the `delete` — Drew, Oct 15 '16 at 17:33
@PraveenKumar Oh, that's a good edit trick. Didn't know `> *` bulleted the quote. — chris85, Oct 15 '16 at 17:34
The query will never execute, no `mysql_*` connection and it is invalid (assuming last name is a string). The `mysqli_select_db` also is invalid it will require the connection string, and why change DBs at that point, just set up the right DB in the connection. — chris85, Oct 15 '16 at 17:36
I think that I've fixed the connection issues. @chris85 what is wrong with my delete query? — hockeysaint, Oct 15 '16 at 17:48
`$last_name` needs to be quoted because it is a string, it also opens you to SQL injections. Set `$_POST['last_name']` to `Smith' or 1=1--` (once the quotes are in place) and all your DB records are deleted. Use parameterized queries and the driver will handle quoting and escaping. — chris85, Oct 15 '16 at 17:50

Why can't I connect to the mySQL database through PHP?

0 Answers0