-2

Am trying to display mysqli_error in my php scrip put I keeping getting black page if the query fails but return response when successful both mysqli_error($conn) and mysqli_errno($conn) are just displaying black page if the query fails. Here is my database connection script

<?php
$ser = "test";
$user = "test";
$pass = "test";
$db="test";
$conn = mysqli_connect($ser, $user, $pass, $db);
if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
  }
?>

My Php Query

<?php
include 'conn.php';
if ($conn) {
    $sql = "INSERT INTO tbl_users (userId, email, pass) VALUES ('$userId', '$email', '$pass')";
    if (mysqli_query($conn, $sql)) {
        echo json_encode(array(
            "status" => "Ok",
            "message" => "Success",
        ));
    } else {
        echo json_encode(array(
            "status" => "Error",
            "message" => mysqli_error($conn),
        ));
    }
}

An able to get the success response if the query runs correctly but i get a blank page once an error occurs if i use ini_set('display_errors', 1); i get the full page error but i need just the mysqli_error or mysqli_errno.

Serenity
  • 99
  • 1
  • 11
  • `ini_set('display_errors', 1);` needs to be set in order to show errors in your page. – Ar Rakin Mar 29 '23 at 19:02
  • Please also refer to this page about mysqli erros on w3school - [link](https://www.w3schools.com/php/func_mysqli_error.asp) – Anant V Mar 29 '23 at 19:08
  • See the [`mysqli_report()`](https://www.php.net/manual/en/function.mysqli-report.php) If you want to be able to keep running after an error, disable the automatic reporting. – Barmar Mar 29 '23 at 19:10
  • You can also use an exception handler to catch the error. – Barmar Mar 29 '23 at 19:11
  • https://phpdelusions.net/mysqli#error_handling – ADyson Mar 29 '23 at 20:19
  • **Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/32391315) – Dharman Mar 30 '23 at 10:37
  • You really should not be displaying mysqli errors on your website. This should only be for developer eyes only!!! The information contained in the message is very sensitive. Adding to the fact that you have a glaring SQL injection, you just give full control of your site to hackers. – Dharman Mar 30 '23 at 10:39

1 Answers1

0

Since PHP 8.1, the default setting for mysqli error reporting is MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT, which causes errors to throw an exception instead of just returning false.

If you want to check for errors in your code instead of getting exceptions, use

mysqli_report(MYSQLI_REPORT_OFF);

A better solution would be to use an exception handler.

if ($conn) {
    $sql = "INSERT INTO tbl_users (userId, email, pass) VALUES ('$userId', '$email', '$pass')";
    try {
        mysqli_query($conn, $sql);
        echo json_encode(array(
            "status" => "Ok",
            "message" => "Success",
        ));
    catch (mysqli_sql_exception $e) {
        echo json_encode(array(
            "status" => "Error",
            "message" => $e->getMessage()
        ));
    }
}
Barmar
  • 741,623
  • 53
  • 500
  • 612