0

I have two databases (cloud database and one in local device). All the other credentials username, password, database name are the same in all databases.

But the following piece of code

echo "<b><a href='updatephp.php?update={$row['ID']}'>{$row['HEADING']}</a></b>";

from php script below work only in database in local device but not in cloud database. 

<?php
$db = "nhldb";
$user = "root";
$password = "password";
$host = "localhost";
$connection = mysqli_connect("$host", "$user", "$password");
$db = mysqli_select_db("$db", $connection);
if (isset($_GET['submit'])) {
    $id = $_GET['did'];
    $heading = $_GET['dheading'];
    $descr = $_GET['ddescr'];
    $story = $_GET['dstory'];
    $image = $_GET['dimage'];
    $url = $_GET['durl'];
    $reporter = $_GET['dreporter'];
    $category = $_GET['dcategory'];
    $query = mysqli_query("update home_db set
                     HEADING='$heading', STORY='$story', descr='$descr', category='$category',reporter='$reporter',url = '$url', IMAGE='$image' where ID='$id'", $connection);
}
$query = mysqli_query("select * from home_db ORDER BY ID DESC LIMIT 10", $connection);
while ($row = mysqli_fetch_array($query)) {
   echo "<b><a href='updatephp.php?update={$row['ID']}'>{$row['HEADING']}</a></b>";
   echo "<br />";
   echo "<hr />";
}
?>

Anyone to help Please!

eli
  • 8,571
  • 4
  • 30
  • 40
  • `if (isset($_GET['submit']))` how does this even get triggered? – rndus2r Sep 28 '17 at 12:27
  • 1
    don't use `mysql_*` . you should used `mysqli_*` or PDO – Bilal Ahmed Sep 28 '17 at 12:27
  • @BilalAhmed in all query or in some queries? – eli Sep 28 '17 at 12:30
  • 1
    first check you DB connection (credentials), second `mysql_connect("$host", "$user", "$password");` remove `"` like this `mysql_connect($host, $user, $password);`, and third upload form code – Bilal Ahmed Sep 28 '17 at 12:30
  • @BilalAhmed am i suporsed to use msqli_* in all the queries or in some queries? – eli Sep 28 '17 at 12:33
  • no. mysql_* is an unsecured but it's work fine – Bilal Ahmed Sep 28 '17 at 12:34
  • i have above mention 3 points. check Database connection, correct query and third show your form code – Bilal Ahmed Sep 28 '17 at 12:35
  • 1
    ***Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php).*** [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Sep 28 '17 at 12:35
  • 1
    [Little Bobby](http://bobby-tables.com/) says ***[your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)***. Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! – Jay Blanchard Sep 28 '17 at 12:35
  • @rndus2r it is triggered when i want to update the data which i have updated – eli Sep 28 '17 at 12:54

1 Answers1

2

You are using mysql but it was deprecated in PHP v5.5.0 and removed in PHP v7.

The reason why it is working in localhost is that your xampp is definately using old version of php.

Rishabh Gogia
  • 21
  • 3