my Xampp Says.Notice: Use of undefined constant courier - assumed 'courier' in C:\xampp\htdocs\move2\admin\connection.php on line 5

Question

I have error after login which says Notice: Use of undefined constant courier - assumed 'courier' in C:\xampp\htdocs\move2\admin\connection.php on line 5

here is my connection page which is connection.php

<?php> $objConnect = ($GLOBALS["___mysqli_ston"] = mysqli_connect("localhost", "root", "inseat")) or die("Error Connect to Database"); $objDB = ((bool)mysqli_query($GLOBALS["___mysqli_ston"], "USE " . courier)); ?>

here is the page that checks the who is user and Admin, Check_login.php

<?php
     session_start();
     include("connection.php");
     $strSQL = "SELECT * FROM member WHERE Username = '".trim($_POST['txtUsername'])."' 
     and Password = '".trim($_POST['txtPassword'])."'";
     $objQuery = mysqli_query($GLOBALS["___mysqli_ston"], $strSQL);
     $objResult = mysqli_fetch_array($objQuery);
     if(!$objResult)
     {

            header("location:login_error.php");



    }
    else
    {
            $_SESSION["UserID"] = $objResult["UserID"];
            $_SESSION["Status"] = $objResult["Status"];

           session_write_close();

            if($objResult["Status"] == "ADMIN")
            {
                header("location:admin_page.php");
            }
            else if ($objResult["Status"] == "TEACHER")
            {
               header("location:teacher_page.php");
            }
            else
            {
                header("location:form-1/main_studentpage.php");
          }
    }
    ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res);
?>

Here is my admin page with session.Admin_page.php

<?php
     session_start();
    if($_SESSION['UserID'] == "")
     {
         header("location:login.php");
     }

     if($_SESSION['Status'] != "ADMIN")
    {
        echo "This page for Admin only!";
        exit();
    }    

   require_once("connection.php");
   $strSQL = "SELECT * FROM member WHERE UserID = '".$_SESSION['UserID']."' ";
   $objQuery = mysqli_query($GLOBALS["___mysqli_ston"], $strSQL);
   $objResult = mysqli_fetch_array($objQuery);
?>

The name of my database is courier and has two tables in it which is member and shipment. I need your help to fix this error

The above code was MYSQL and i converted them to MYSQLI using mysqli converter... — Rhema U Samson, Dec 01 '17 at 13:01
[Little Bobby](http://bobby-tables.com/) says ***[your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)*** Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! — Jay Blanchard, Dec 01 '17 at 13:40
**Never store plain text passwords!** Please use ***PHP's [built-in functions](http://jayblanchard.net/proper_password_hashing_with_PHP.html)*** to handle password security. If you're using a PHP version less than 5.5 you can use the `password_hash()` [compatibility pack](https://github.com/ircmaxell/password_compat). ***It is not necessary to [escape passwords](http://stackoverflow.com/q/36628418/1011527)*** or use any other cleansing mechanism on them before hashing. Doing so *changes* the password and causes unnecessary additional coding. — Jay Blanchard, Dec 01 '17 at 13:40

my Xampp Says.Notice: Use of undefined constant courier - assumed 'courier' in C:\xampp\htdocs\move2\admin\connection.php on line 5

here is my connection page which is connection.php

The name of my database is courier and has two tables in it which is member and shipment. I need your help to fix this error

0 Answers0