dev09
asked on
PHP MySQL Query / Best Practice (blank page)
Hi,
I've been using the below code for sometime, all works well, except when there is an insert or edit query - I get a blank page.
It could be because it's trying to add/edit a field that may not exist in the database or an SQL error - but I do not get feedback on screen - the page usually just loads blank. Should I be using different code, alter it, or something completely different?
QUERY
INSERT
UPDATE
Or is it a PHP setting i need to turn on to properly show me the SQL error?
Thank you
I've been using the below code for sometime, all works well, except when there is an insert or edit query - I get a blank page.
It could be because it's trying to add/edit a field that may not exist in the database or an SQL error - but I do not get feedback on screen - the page usually just loads blank. Should I be using different code, alter it, or something completely different?
$db_host = "ip";
$db_user = "admin";
$db_name = "database";
$db_pass = "pass";
$link = mysqli_connect($db_host, $db_user, $db_pass) or die(mysql_error());
mysqli_select_db($link,$db_name) or die(mysql_error());
QUERY
$sql = mysqli_query($link,"SELECT * FROM table") or die(mysql_error());
$row = mysqli_fetch_array($sql);
$total = mysqli_num_rows($sql);
INSERT
mysqli_query($link,"INSERT INTO table (test) VALUES ('1')");
UPDATE
$result = mysqli_query($link,"UPDATE table SET test='1',WHERE id = '1'") or die(mysql_error());
Or is it a PHP setting i need to turn on to properly show me the SQL error?
Thank you
You're mixing mysql and mysqli functions.
Change all your mysql_error() to mysqli_error($link), and they should all work.
Change all your mysql_error() to mysqli_error($link), and they should all work.
On the question of best practice, you should definitely be parameterising your queries. It's a much more secure way of writing database code. Have a google around for mysqli parameterised queries (prepared queries).
Whilst you're at it, you might want to consider swtiching to object oriented coding. Makes life a lot easier once you get the hang of it :)
Whilst you're at it, you might want to consider swtiching to object oriented coding. Makes life a lot easier once you get the hang of it :)
ASKER
Thanks, looked up and now using object oriented parameterised queries. Thanks!
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Open in new window
has an expected comma..
use
Open in new window
instead.
p.s. why enclosing numeric id values in single quotes? This leads to an unnecessary cast.