-1

I am trying to link my MySQL database to my PHP code. My friend has the same code as me and is able to connect their database to their PHP code. I end up getting a error code and do not know where I am going wrong.

This is the code that I am using 

<?php

$username="root";
$password="password";
$database="account";
$connect = mysql_connect('localhost', $username, $password);
//$db-select = mysql_select_db($database,$connect) or die("Unable to select database");

$user = $_GET['user'];
$pass = $_GET['pass'];

if(!$connect) {
    die('eror');
}

$db = my_sql_select_db("account", $connect)
mysql_query($db, "INSERT INTO 'account', 'tbl_account' (Username, Password) VALUES ('$user', '$pass')";);

mysql_close($connect);
?>

This is the outcome:

Parse error: syntax error, unexpected 'mysql_query' (T_STRING) in C:\Apache24\htdocs\PHP\index.php on line 11

phen0menon
  • 2,354
  • 2
  • 17
  • 36
M.Oswald
  • 21
  • 5
  • 3
    **Danger**: You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) that has been [removed](http://php.net/manual/en/mysql.php) from PHP. You should select a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You are **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that a modern API would make it easier to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Jul 04 '17 at 16:17
  • **WARNING**: Writing your own access control layer is not easy and there are many opportunities to get it severely wrong. Please, do not write your own authentication system when any modern [development framework](http://codegeekz.com/best-php-frameworks-for-developers/) like [Laravel](http://laravel.com/) comes with a robust [authentication system](https://laravel.com/docs/5.4/authentication) built-in. At the absolute least follow [recommended security best practices](http://www.phptherightway.com/#security) and **never store passwords as plain-text**. – tadman Jul 04 '17 at 16:29

1 Answers1

0

add semicolon at the end of first line and remove the extra semicolon in second line 

$db = my_sql_select_db("account", $connect);
mysql_query($db,"INSERT INTO 'account','tbl_account' (Username,Password) VALUES ('$user','$pass')");
Shahzaib Sheikh
  • 647
  • 1
  • 9
  • 21
  • Thanks for your help. It now says that there is a unexpected ';' – M.Oswald Jul 04 '17 at 16:37
  • see edited answer. – Shahzaib Sheikh Jul 04 '17 at 16:40
  • Its now produced four error messages: Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in C:\Apache24\htdocs\PHP\index.php on line 3 Notice: Undefined index: user in C:\Apache24\htdocs\PHP\index.php on line 5 Notice: Undefined index: pass in C:\Apache24\htdocs\PHP\index.php on line 6 Fatal error: Call to undefined function my_sql_select_db() in C:\Apache24\htdocs\PHP\index.php on line 10 – M.Oswald Jul 04 '17 at 16:46
  • first message is explained by @quentin in the comments of your question. – Shahzaib Sheikh Jul 04 '17 at 17:06
  • second and third message is because you are not passing parameters to your script (most probably) – Shahzaib Sheikh Jul 04 '17 at 17:08
  • fourth message is because you are calling a function with wrong name. call it as `mysql_select_db("account", $connect)` – Shahzaib Sheikh Jul 04 '17 at 17:10