0

I'm trying to insert data into my database, but the error that I get is: Access denied for user ''@'localhost' (using password: NO)

The strange thing is that I can select data from my database and it also displays this data into my form fields.

http://sayhey.nl/mealapp/add-ingredients.php

But when I try to insert new data via this form, it gives the 'access denied' error. It looks like there is no username or password set, but actually I did do this:

//Connect to database
$servername = "localhost";
$username = "username";
$password = "password";
$database = "databasename";

// Create connection
$conn = new mysqli($servername, $username, $password, $database);

// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

And this is the rest of the code:

<?php
//Connect
include 'connect.php';
$ingredient_sql = "SELECT id, name FROM ingredient_cat";
$ingredient_cat_result = $conn->query($ingredient_sql);
?>
<div id="wrapper">
    <form method = "post" action = "<?php $_PHP_SELF ?>">
        <input name="ingredient_name" type="text" id="ingredient-name" />
        <select name="ingredient_cat" id="ingredient-cat">
            <?php
             while($row = $ingredient_cat_result->fetch_assoc()) {
                echo '<option value="'.$row["id"].'">'.$row["name"].'</option>';                 
             }
            ?>
        </select>
        <select name="ingredient_unit" id="ingredient-unit">
            <option value="stuks">stuks</option>
            <option value="gram">gram</option>
            <option value="liter">liter</option>
        </select>
        <input type="submit" name="add" value="Add ingredient" />
    </form>
</div>  
<?php
if(isset($_POST['add'])) {
    $ingredient_name = $_POST['ingredient_name'];
    $ingredient_cat = $_POST['ingredient_cat'];
    $ingredient_unit = $_POST['ingredient_unit'];
    mysql_query("INSERT INTO ingredient(name, unit, cat) VALUES('".$ingredient_name."', '".$ingredient_unit."', ".$ingredient_cat.")")or die(mysql_error());
}
?>

Does someone know how to fix this problem?

Tamara
  • 145
  • 1
  • 4
  • 14
  • your code use a password, your error message says that you didn't. did you post the correct code to replicate this problem? – Federkun Dec 28 '17 at 10:02
  • how are you writing insert query and select query? Can you post that too? – Rahul Dec 28 '17 at 10:02
  • Yes, it would be good to see the actual code that fails, please. – Matt Gibson Dec 28 '17 at 10:02
  • You're using the obsolete `mysql_query` to do your insert, which could never work with your `mysqli`-based connection, even if you were trying to use it, which you're not... Also, you're wide open to SQL injection, and should switch to using parameterised queries once you get the connection working. – Matt Gibson Dec 28 '17 at 10:07
  • also, https://stackoverflow.com/questions/601300/what-is-sql-injection – Federkun Dec 28 '17 at 10:08

1 Answers1

2

You are mixing PDO with procedural way...

Replace your mysql_query( with $conn->query(

ino
  • 2,345
  • 1
  • 15
  • 27
  • This works, thank you! – Tamara Dec 28 '17 at 10:10
  • Great, so please accept the answer and use PDO prepared statements to prevent SQL Injections: https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php/60496#60496 – ino Dec 28 '17 at 10:20