0

Errors :

  1. Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/u251789135/public_html/omg/admin/Connection/config.php on line 6

  2. Warning: mysql_connect(): Access denied for user 'U251789135_user'@'10.2.1.35' (using password: YES) in /home/u251789135/public_html/omg/admin/Connection/config.php on line 6 Failed to connect to server: Access denied for user 'U251789135_user'@'10.2.1.35' (using password: YES)

Inside admin/connection dir their are two configurations files .The codes are below :

  1. Config.php : http://pastebin.com/fJiGGCdK

  2. conn.php :

    I couldn't paste it here. The editor says it contains code not properly formatted.So i will use paste bin: http://pastebin.com/en2WWquW

I was trying to open admin pages when the error happened. Specifically this : admin/login-exec.php and admin/tracking-exec.php .

Code for admin/login-exec.php : 

<?php
//Start session
session_start();

//Include database connection details
require_once('Connection/config.php');

//Array to store validation errors
$errmsg_arr = array();

//Validation error flag
$errflag = false;

//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE);
if(!$link) {
    die('Failed to connect to server: ' . mysql_error());
}

//Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
    die("Unable to select database");
}

//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
    $str = @trim($str);
    if(get_magic_quotes_gpc()) {
        $str = stripslashes($str);
    }
    return mysql_real_escape_string($str);
}

//Sanitize the POST values
$login = clean($_POST['username']);
$password = clean($_POST['pass']);

//Input Validations
if($login == '') {
    $errmsg_arr[] = 'Empty username not allowed';
    $errflag = true;
}
if($password == '') {
    $errmsg_arr[] = 'Empty password not allowed';
    $errflag = true;
}

//If there are input validations, redirect back to the login form
if($errflag) {
    $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
    session_write_close();
    header("location: index.php");
    exit();
}

//Create query
$qry="SELECT * FROM admin WHERE username='$login' AND password='$password'";
$result=mysql_query($qry);

//Check whether the query was successful or not
if($result) {
    if(mysql_num_rows($result) == 1) {
        //Login Successful
        session_regenerate_id();
        $user = mysql_fetch_assoc($result);
        $_SESSION['USER_ADMIN_ID'] = $user['username'];


        session_write_close();
        header("location: view.php");
        exit();
    }else {
        //Login failed
        $errmsg_arr[] = 'Provide a valid user name and password';
        $errflag = true;
       //If there are input validations, redirect back to the login form
       if($errflag) {
         $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
         session_write_close();
         header("location: index.php");
         exit();
       }            
    }
}else {
    die("Query failed");
}

?>

Please i need help with fixing the errors. I do not know php. I hope i provided all necessary information.

Oke James
  • 1
  • There is **no more support** for `mysql_*` functions, they are [**officially deprecated**](https://wiki.php.net/rfc/mysql_deprecation), **no longer maintained** and will be [**removed**](http://php.net/manual/en/function.mysql-connect.php#warning) in the future. You should update your code with [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli) to ensure the functionality of your project in the future. – Tom Udding Mar 15 '17 at 07:13
  • 1
    @tomudding they have ***already*** been removed. and `it was removed in PHP 7.0.0.` – Hanky Panky Mar 15 '17 at 07:14
  • Remove DB_DATABASE from mysql_connect because you have called database twice. – Sweta Parmar Mar 15 '17 at 07:23
  • please i really don't know how to do any of this that's why i pasted the codes..... help me modify and paste it here please ? – Oke James Mar 15 '17 at 10:47

0 Answers0