-3

I'm trying to convert mysql to mysqli, but I get some errors

first error:

mysqli_query() expects at least 2 parameters, 1 given in /home/.........../class/class.mysql.php on line 55

public function query($res, $pass_no = 1) {
    $q1 = mysqli_query($res, $this->db_link);
    if (!$q1) {
        $this->sql_error();
        if ($pass_no == 1) {
            if ($this->output_error == 1) {
                echo 'Attempting to reconnect to MySQL...' . "\n";
            }
            $this->db_close();
            $this->db_connect();
            $this->query($res, 2);
        } else {
            if ($this->output_error == 1) {
                echo 'Reconnection failed; please check your MySQL server settings!' . "\n";
            }
        }
    } else {
        return $q1;
    }
}

second error:

mysqli_real_escape_string() expects exactly 2 parameters, 1 given in /home/..../index.php on line 14

global  $db ;

$username = mysqli_real_escape_string($_POST['username_login']);

      $q ="select * from ".DB_PREFIX."admins where username='".$username."' ".
        "and password='".md5( $_POST['password_login'])."'";
   // echo $q;
    $res =$db->query($q);
    if($db->num_rows($res)==1)
    {

        return true ;
    }

return false ;

I don't understand the 2 errors

Dharman
  • 30,962
  • 25
  • 85
  • 135
Maichale
  • 29
  • 1
  • 3
  • 6
  • 2
    In `mysqli_` the database Link is the ***first*** parameter. – Martin Jul 19 '18 at 11:35
  • Possible duplicate of [mysqli\_query expects at least 2 parameters](https://stackoverflow.com/questions/8073278/mysqli-query-expects-at-least-2-parameters) – miken32 Sep 26 '18 at 18:05

1 Answers1

0

When you get errors: Please help yourself by reading the manual .

1)

first error : mysqli_query() expects at least 2 parameters, 1 given in /home/.........../class/class.mysql.php on line 55

Your code: 

$q1 = mysqli_query($res, $this->db_link);

Should be: 

$q1 = mysqli_query($this->db_link, $res);

With the Database connection variable FIRST. This variable is required for almost all mysqli_ functions.

2)

second error : mysqli_real_escape_string() expects exactly 2 parameters, 1 given in /home/..../index.php on line 14

See point 1, above: 

mysqli_real_escape_string($connectionVariable, $_POST['username_login']);

3)

$q ="select * from ".DB_PREFIX."admins where username='".$username."' ".
    "and password='".md5( $_POST['password_login'])."'";

NO

Do not do this!!! Passwords should be stored using PHPs specialist password_hash function. Please read how to use it, why you should use it, why it should be used, and the benefits of using it and here if you need to use it on older versions of PHP.

Martin
  • 22,212
  • 11
  • 70
  • 132