Connection to mySQL database is not always happening

When you say it's "not always" happening, I assume that means it does happen sometimes.

So the first thing to do is determine if there's a pattern.

1. Does it happen only on specific pages?
2. Certain times of the day?
3. Does it work a few times in a row and then it stops working?
4. When it stops working, does it work again later without you having to do anything to fix it? 

Bingo!  Number 4.  It seems to hinge on the path of the config file.
THERAPIST/therapist-login.php

<?php
session_start();
//echo session_id();
error_reporting(0);
include("../THERAPIST/include/therapist-config.php");
//include("INCLUDE/config.php");
if(isset($_POST['submit']))
{

Select allOpen in new window

then to the THERAPIST/therapist-dashboard.php page

<?php
session_start();
error_reporting(0);
include('INCLUDE/config.php');
//include('../THERAPIST/include/therapist-check-login.php');
check_login();

Select allOpen in new window

and finally to the THERAPIST/include/therapist-check-login.php  This page is causing the problem.  I think.

<?php
function check_login()
{
if(strlen($_SESSION['dlogin'])==0)
   {   
      $host = $_SERVER['HTTP_HOST'];
      $uri  = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
      $extra="THERAPIST/therapist-dashboard.php";      
      header("Location: http://$host$uri/$extra");
   }
}
?>

Select allOpen in new window

It seems that it has to do with the paths......I think

So you're loading different files.

THERAPIST/therapist-login.php -> include("../THERAPIST/include/therapist-config.php");
...the true path here is:
THERAPIST/include/therapist-config.php

THERAPIST/therapist-dashboard.php -> include('INCLUDE/config.php');
...the true path here is:
THERAPIST/INCLUDE/config.php

So there are 2 different config filenames. I'm -guessing- the folder "include" vs. "INCLUDE" isn't case-sensitive but it's something to check, as well.

I just made them both INCLUDE/config.php   still not working.  BTW both config files are the same.  Also REM out check_login()  made no difference

The full code of therapist-login.php

<?php
session_start();
error_reporting(0);
include("INCLUDE/config.php");
if(isset($_POST['submit']))
{

$ret=mysqli_query($con,"SELECT * FROM tbl_therapist WHERE therapist_email='".$_POST['username']."' and therapist_password='".$_POST['password']."'");
$num=mysqli_fetch_array($ret);
if($num>0)
{
$extra="THERAPIST/therapist-dashboard.php";
$_SESSION['dlogin']=$_POST['username'];
$_SESSION['id']=$num['therapist_id'];
$uip=$_SERVER['REMOTE_ADDR'];
$status=1;


$date = date('d-m-Y h:i:s A');
$log=mysqli_query($con,"insert into tbl_therapist_log(therapist_id,therapist_name,therapist_ip,therapist_login_time,therapist_status) values('".$_SESSION['id']."','".$_SESSION['dlogin']."','$uip','$date','$status')");
$uri=rtrim(dirname($_SERVER['PHP_SELF']),'/\\');
header("location:http://$host$uri/$extra");
exit();
}
else
{
//unsuccessfull
$_SESSION['login']=$_POST['therapist_name'];   
$uip=$_SERVER['REMOTE_ADDR'];
$status=0;
$date = date('d-m-Y h:i:s A');
mysqli_query($con,"insert into tbl_therapist_log(therapist_id,therapist_name,therapist_ip,therapist_login_time,therapist_status) values('".$_SESSION['dlogin']."','$uip','$date','$status')");
$_SESSION['errmsg']="Invalid username or password";
$extra="therapist-login.php";
$host  = $_SERVER['HTTP_HOST'];
$uri  = rtrim(dirname($_SERVER['PHP_SELF']),'/\\');
header("location:http://$host$uri/$extra");
exit();
}
}
?>

Select allOpen in new window

Change error_reporting from 0 to E_ALL:
error_reporting(E_ALL);

...and see if it tells you about a bad path or non-existent file or something.

32767: ERROR 

Try also adding ini_set("display_errors", 1);

<?php
session_start();
ini_set("display_errors", 1); 
error_reporting(E_ALL);
...

Select allOpen in new window

This what I got....
Issues found Windows can't find a computer or device named "therapist"


http://therapist/THERAPIST/therapist-dashboard.php 

Changed all of the dirctories to
THERAPIST/include?config.php
THERAPIST/therapist-login.php
etc.
got this
http://www.audiodigz.com/THERAPIST/THERAPIST/therapist-login.php 

You're not defining $host in your section for successful login.

Look at your unsuccessful login area and you'll see this:
$host  = $_SERVER['HTTP_HOST'];

But it's not in the successful area, so when you redirect with this:
header("location:http://$host$uri/$extra")

$host is empty and it's trying to access an incorrect URL.

So...maybe this?
header("location:https:www.audiodigz.com//$host$uri/$extra")

No need to hardcode the domain (also, you have the // in the wrong place). In fact, you can skip most of that stuff altogether.

If you're at http://www.somewhere.com/myfolder/pageA.php and you want to go to http://www.somewhere.com/myfolder/pageB.php , you can just do this:

header("Location: pageB.php");

Select allOpen in new window

The browser will automatically try to fill in what's missing using the current information. So if the host part is missing (https://www.somewhere.com), it will just use whatever the current host is.

If the folder/path is missing, then it will just use whatever the current folder is.

So if therapist-login.php and therapist-dashboard.php are in the same folder, you can just do:

header("Location: therapist-dashboard.php");

Select allOpen in new window

or

header("Location: therapist-login.php"); 

Select allOpen in new window

Mercy...cleaned the cache and history from my browser.  Got rid of all the THERAPIST/  and this is what I got....
http://therapist/therapist-dashboard.php   also put this in the code to replace the other.

Header("Location: therapist-dashboard.php");

Select allOpen in new window

Can you re-post the code that you have, please? 

Sure here you go.....
This was all working, kinda until I changed the name dashboard.php to therapist-dashboard.php  ,sidebar.php well you get the picture.....

<?php
session_start();
error_reporting(0);
include("include/config.php");
if(isset($_POST['submit']))
{

$ret=mysqli_query($con,"SELECT * FROM tbl_therapist WHERE therapist_email='".$_POST['username']."' and therapist_password='".$_POST['password']."'");
$num=mysqli_fetch_array($ret);
if($num>0)
{
$extra="dashboard.php";
$_SESSION['dlogin']=$_POST['username'];
$_SESSION['id']=$num['therapist_id'];
$uip=$_SERVER['REMOTE_ADDR'];
$status=1;


$date = date('d-m-Y h:i:s A');
$log=mysqli_query($con,"insert into tbl_therapist_log(therapist_id,therapist_name,therapist_ip,therapist_login_time,therapist_status) values('".$_SESSION['id']."','".$_SESSION['dlogin']."','$uip','$date','$status')");
$uri=rtrim(dirname($_SERVER['PHP_SELF']),'/\\');
header("location:http://$host$uri/$extra");
exit();
}
else
{
//unsuccessfull
$_SESSION['login']=$_POST['therapist_name'];   
$uip=$_SERVER['REMOTE_ADDR'];
$status=0;
$date = date('d-m-Y h:i:s A');
mysqli_query($con,"insert into tbl_therapist_log(therapist_id,therapist_name,therapist_ip,therapist_login_time,therapist_status) values('".$_SESSION['dlogin']."','$uip','$date','$status')");
$_SESSION['errmsg']="Invalid username or password";
$extra="therapist-login.php";
$host  = $_SERVER['HTTP_HOST'];
$uri  = rtrim(dirname($_SERVER['PHP_SELF']),'/\\');
header("Location: dashboard.php");
//header("location:http://$host$uri/$extra");
exit();
}
}
?>

Select allOpen in new window

When I try to access the page directly I get an HTTP ERROR 500
https://www.audiodigz.com/THERAPIST/therapist-dashboard.php
 

I'm getting confused here - it seems like you're renaming files but then going to the old file names...

My apologies I was trying something.  Did not work.

<?php
session_start();
error_reporting(0);
include("include/config.php");
if(isset($_POST['submit']))
{

$ret=mysqli_query($con,"SELECT * FROM tbl_therapist WHERE therapist_email='".$_POST['username']."' and therapist_password='".$_POST['password']."'");
$num=mysqli_fetch_array($ret);
if($num>0)
{
$extra="therapist-dashboard.php";
$_SESSION['dlogin']=$_POST['username'];
$_SESSION['id']=$num['therapist_id'];
$uip=$_SERVER['REMOTE_ADDR'];
$status=1;


$date = date('d-m-Y h:i:s A');
$log=mysqli_query($con,"insert into tbl_therapist_log(therapist_id,therapist_name,therapist_ip,therapist_login_time,therapist_status) values('".$_SESSION['id']."','".$_SESSION['dlogin']."','$uip','$date','$status')");
$uri=rtrim(dirname($_SERVER['PHP_SELF']),'/\\');
header("location:http://$host$uri/$extra");
exit();
}
else
{
//unsuccessfull
$_SESSION['login']=$_POST['therapist_name'];   
$uip=$_SERVER['REMOTE_ADDR'];
$status=0;
$date = date('d-m-Y h:i:s A');
mysqli_query($con,"insert into tbl_therapist_log(therapist_id,therapist_name,therapist_ip,therapist_login_time,therapist_status) values('".$_SESSION['dlogin']."','$uip','$date','$status')");
$_SESSION['errmsg']="Invalid username or password";
$extra="therapist-login.php";
$host  = $_SERVER['HTTP_HOST'];
$uri  = rtrim(dirname($_SERVER['PHP_SELF']),'/\\');
header("Location: therapist-dashboard.php");
//header("location:http://$host$uri/$extra");
exit();
}
}
?>

Select allOpen in new window

Still have this 500 error......trying to load the page directly
https://www.audiodigz.com/THERAPIST/therapist-dashboard.php 

I loaded this code on therapist-login.php and had it load an old dashboard page.  My guess is that something is broken or corrupted on therapist-dashboard.

<?php
session_start();
include("include/config.php");
error_reporting(0);
if(isset($_POST['submit']))
{
$ret=mysqli_query($con,"SELECT * FROM tbl_therapist WHERE therapist_email='".$_POST['username']."' and therapist_password='".$_POST['password']."'");
$num=mysqli_fetch_array($ret);
if($num>0)
{
$extra="dashboard.php";
$_SESSION['dlogin']=$_POST['username'];
$_SESSION['therapist_id']=$num['id'];
$uip=$_SERVER['REMOTE_ADDR'];
$status=1;
$log=mysqli_query($con,"insert into tbl_therapist-log(therapist_id,therapist_name,therapist_ip,therapist_status) values('".$_SESSION['id']."','".$_SESSION['dlogin']."','$uip','$status')");
$host=$_SERVER['HTTP_HOST'];
$uri=rtrim(dirname($_SERVER['PHP_SELF']),'/\\');
header("location:http://$host$uri/$extra");
exit();
}
else
{
$host  = $_SERVER['HTTP_HOST'];
$_SESSION['dlogin']=$_POST['username'];
$uip=$_SERVER['REMOTE_ADDR'];
$status=0;
mysqli_query($con,"insert into tbl_therapist-log(therapist_name,therapist_ip,therapist_status) values('".$_SESSION['dlogin']."','$uip','$status')");
$_SESSION['errmsg']="Invalid username or password";
$extra="therapist-login.php";
$uri  = rtrim(dirname($_SERVER['PHP_SELF']),'/\\');
header("location:http://$host$uri/$extra");
exit();
}
}
?>

Select allOpen in new window

try it...
https://www.audiodigz.com/THERAPIST/therapist-login.php 

jack@gmail.com
Test@123

It's definitely possible that the therapist-dashboard.php has an error or something.

Try going to the command line and running php -l on it (that's a lowercase L), like this:
php -l therapist-dashboard.php

That will tell you if there are any syntax errors.

Adding error detection will avoid 500 errors

How many connections us your MySQL server cobfigured f, check MySQL errors to make sure it does not run out of connections intermittently denying access

Hey David,

This has already been pointed out a couple of times in this thread and several times in previous threads, but I'm going to say it again, because it's absolutely crucial that you understand this. When you turn off error_reporting, you're basically telling your entire application NOT to give you any information when it fails, so any vital detail that you need to solve problems is gone - you're left guessing! Turn on error reporting in every file while you're developing.

It seems that you're having problems with your includes, so a couple of tips. Put any file that needs to be included in a sub-folder of the document root. Call it something obvious like includes. The case of this matters! On Linux systems INCLUDES is not the same as includes. Then when you need to include a file, use the $_SERVER['DOCUMENT_ROOT'] value:

require_once $_SERVER['DOCUMENT_ROOT'] . '/includes/somefile.php';

Select allOpen in new window

You can add subfolders to the includes folder if needed, but this way you won't have problems with relative paths - everything will be related to the document root.

Also, consider using require instead of include. Even better, use require_once. The difference is how failures happen. With require, you're telling your script that absolutely MUST have a certain file to continue, such as a DB connection script. require_once just means that it won't be loaded more than once.

Now looking at your code, you have this:

$num=mysqli_fetch_array($ret);
if($num>0) {

Select allOpen in new window

The mysqli_fetch_array() function will either return an array of data or NULL. You're coding it as if it returns a number. All you need is this:

if($num) { 

Select allOpen in new window

I'm guessing you're just testing at the moment, so just a quick reminder on this. You're still using direct user input in your queries, and you look to have plain text passwords. You're open to SQL injection, so you should switch to hashed passwords and prepared statements.

One final tip that may sound trivial, but will make a big difference - add some formatting to your code. Indent lines properly, add lines spaces between logical blocks. Little things like this mean you code is much easier to read. Being able to quickly scan over code makes tracking problems down much easier. You develop an eye for the logic flow pretty quickly

Thank you Chris for the valuable information.  I tried to execute your instructions to the best of my current ability...
made an includes folder

<?php
session_start();
require_once("include/config.php");
require_once $_SERVER['DOCUMENT_ROOT'] . '/includes/somefile.php';
error_reporting(E_ALL);
if(isset($_POST['submit']))
{
$ret=mysqli_query($con,"SELECT * FROM tbl_therapist WHERE therapist_email='".$_POST['username']."' and therapist_password='".$_POST['password']."'");
$num=mysqli_fetch_array($ret);
if($num)

Select allOpen in new window

and the above.
put a file in the includes folder and named it errorfile.php.

one of the problems is dashboard.php loads but therapist-dashboard.php does not.  return says that it isn't working.

Right David,

I think to get you up and running it's probably easier to take a step back. Create your includes folder in your document root and add this simple file to it. Call it message.php

<?php
echo "FILE INCLUDED";

Select allOpen in new window

Now create another file in your main folder (call it test.php or something) and drop this in it:

<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);

session_start();

require_once $_SERVER['DOCUMENT_ROOT'] . '/includes/message.php';

Select allOpen in new window

Try running this file. You should see a message "FILE INCLUDED". This means that your files are including from the includes folder correctly. Once that's working, we can move on as we'll have solved the relative path problems.

1) SQL Injection: Use parameterized or prepared queries instead.

2) Never store passwords, use a salted hash instead or an identity provider. Read Plain Text Offenders Developers FAQ.

Thanks Chris.  Done. I do see the message.  File Included.

Perfect. Now use that file as the template for any other files you're developing where you need to include other files. Drop the includes into the includes folder and use the DOCUMENT_ROOT as the base. No matter where you run those files from, they'll include from the one standard place.

Now for the logic part, but before that, a couple of questions:

What version of PHP are you running?
Are you absolutely stuck with mysqli or would you be happy using PDO (cleaner, easier library IMO)

Hi Chris I am running PHP version: 7.2.7  on Go Daddy.  I'm kinda stuck with mysqli as I somewhat know this.  It seems that PDO is better, but I don't have the time right now to learn it.  So mysqli it is!  So the sticky part.  I have the main webpages on the ROOT.  Then I have five different versions of the same set up but with different loads.  I have ACCOUNTING, ADMIN, ASSIGN, CLIENT, THERAPIST they all have the same files in them but different dashboard.php's.  sidebar.php and header.php are all different from one another.

Probably the better way to do this is to have one Dashboard.php and load the content via a list of permissions for each category.  Beyond me though.

Fair enough.

Have a look at this:

<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);

session_start();

require_once $_SERVER['DOCUMENT_ROOT'] . '/includes/db.php';

if ( isset($_POST['submit']) ):

    $username = $_POST['username'] ?? false;
    $password = $_POST['password'] ?? false;

    if ($username && $password):

        $stmt = $db->prepare("SELECT id, password FROM tbl_therapist WHERE therapist_email = ? AND therapist_password = ?");
        $stmt->bind_param("ss", $username, $password);
        $stmt->execute();

        $result = $stmt->get_result();

        if ($therapist = $result->fetch_object()) {
            echo "LOGIN SUCCESSFUL";
        } else {
            echo "LOGIN FAILED";
        };

    endif;

endif;

Select allOpen in new window

Couple of things to note here. The code is including a file called db.php which should set up the connection to your database. In my example, I've assumed it's stored in a variable called $db. It's also assuming that you're going with the Object Oriented way instead of the procedural way. I'll post an example of that file below.

It checks to make sure we have submitted a form and then it checks we have a username and password. When running SELECT queries, it's considered best-practice to select only the columns you need, rather than use the *. Although we're not using the password column yet, we will be later on.

It runs the query as a parameterised query, so you get protection from SQL injection.  It then checks to see if we actually got a record or not. If we did, we have a successful login. If we didn't we get a failed login. Later on, you'll want to change that check so you use the password_verify() function for added security, but for now, this will do it's job.

When using mysqli, you have a choice of using it in 2 different modes - Procedural or OOP (Object Oriented). Procedural is considered the old way of doing things, and whilst it's still perfectly acceptable to do that, your code will be cleaner and more future-proof if you go the Object way. It also makes switching to PDO later on a lot easier. The connection file for your database should look something lke this:

<?php 
$hostname = 'localhost';
$username = 'username';
$password = 'password';
$database = 'database';

try  {
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    $db = new mysqli($hostname, $username, $password, $database);
    $db->set_charset("utf8mb4");
} catch (mysqli_sql_exception $e) {
    error_log( $e->getMessage() );
    die( $e->getMessage() );
}

Select allOpen in new window

Change the credentials to your own and save that as db.php in your includes folder.

OK, I did all of that.  Receiving an error that the page is not working.  Also have these red notices in Dreamweaver...

Your Dreamwaever is out of date, so it doesn't recognize modern code - as long as you're using PHP7 on your server, you can ignore them.

It's highly unlikely that you received an error saying "your page is not working". I'm guessing there's something a little more specific ??

Here is the code...

<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);

session_start();

require_once $_SERVER['DOCUMENT_ROOT'] . '/includes/db.php';

if ( isset($_POST['submit']) ):

    $username = $_POST['username'] ?? false;
    $password = $_POST['password'] ?? false;

    if ($username && $password):

        $stmt = $db->prepare("SELECT therapist_id, therapist_password FROM tbl_therapist WHERE therapist_email = ? AND therapist_password = ?");
        $stmt->bind_param("ss", $username, $password);
        $stmt->execute();

        $result = $stmt->get_result();

        if ($therapist = $result->fetch_object()) {
            echo "LOGIN SUCCESSFUL";
        } else {
            echo "LOGIN FAILED";
        };

    endif;

endif;
?>

Select allOpen in new window

Wow - that's really helpful from the browser :(

There's nothing wrong with the code I've posted - I've just tested it myself. Let's walk it back and see where it fails:

Try just this on it's own:

<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);

session_start();

require_once $_SERVER['DOCUMENT_ROOT'] . '/includes/db.php';

var_dump($db);

Select allOpen in new window

One other thought - it may be the DB script that's failing. Add error reorting to that and see if you get any better information on failure:

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

$hostname = 'localhost';
$username = 'username';
$password = 'password';
$database = 'database';

try  {
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    $db = new mysqli($hostname, $username, $password, $database);
    $db->set_charset("utf8mb4");
} catch (mysqli_sql_exception $e) {
    error_log( $e->getMessage() );
    die( $e->getMessage() );
}

Select allOpen in new window

To be honest, I feel like this requires a little more help than back-and-forth comments.

Chris - you suggested this:

require_once $_SERVER['DOCUMENT_ROOT'] . '/includes/db.php'; 

Select allOpen in new window

...but he's working on a site located in the THERAPIST sub-folder of the document root, so that line is trying to access the parent site's includes folder, not the THERAPIST/includes folder.

I feel like this really needs to go back to the beginning a bit. There's already an established site in the document root, with sessions, which means there are eventually going to be separate session conflicts that have to be handled, too, even if he gets the DB part working.

This whole thing should probably start by setting up a separate folder structure in its own site, like therapist.audiodigz.com, instead of www.audiodigz.com/THERAPIST, so they are working with unique sessions and a folder structure that has nothing to do with the parent site.

Here you go...
Notice: Undefined variable: _SESSION in /home/audiodigz/public_html/THERAPIST/New-Therapist.php on line 108 

Okay.  My bad.  I added this to the page.

</head>
   <body class="login">
      <div class="row">
         <div class="main-login col-xs-10 col-xs-offset-1 col-sm-8 col-sm-offset-2 col-md-4 col-md-offset-4">
            <div class="logo margin-top-30">
            <div class="mbue"> mbue | Therapist Login</div>
                <!--a href="../../index.html">   <h2> mbue | Doctor Login</h2></a-->
            </div>

            <div class="box-login">
               <form class="form-login" method="post">
                  <fieldset>
                     <legend class="sign">Log into your account.</legend>
                     <div class="sign"><p>
                        Please enter your email and password to log in.<br />
                        <span style="color:red;"><?php echo $_SESSION['errmsg']; ?><?php echo $_SESSION['errmsg']="";?></span>
                     </p></div>
                     <div class="form-group">
                        <span class="input-icon">
                           <input type="text" class="form-control" name="username" placeholder="Username">
                           <i class="fa fa-user"></i> </span>
                     </div>
                     <div class="form-group form-actions">
                        <span class="input-icon">
                           <input type="password" class="form-control password" name="password" placeholder="Password">
                           <i class="fa fa-lock"></i>
                            </span>
                            <a href="forgot-password.php">
                           Forgot Password ?
                        </a>
                     </div>
                     <div class="form-actions">
                        
                        <button type="submit" class="btn btn-primary pull-right" name="submit">
                           Login <i class="fa fa-arrow-circle-right"></i>
                        </button>
                     </div>
                     
                  
                  </fieldset>
               </form>

               <div class="cr">
                  &copy; <span class="current-year"></span>-mbue. <span>All rights reserved</span>
               </div>
         
            </div>

         </div>
      </div>
      <script src="vendor/jquery/jquery.min.js"></script>
      <script src="vendor/bootstrap/js/bootstrap.min.js"></script>
      <script src="vendor/modernizr/modernizr.js"></script>
      <script src="vendor/jquery-cookie/jquery.cookie.js"></script>
      <script src="vendor/perfect-scrollbar/perfect-scrollbar.min.js"></script>
      <script src="vendor/switchery/switchery.min.js"></script>
      <script src="vendor/jquery-validation/jquery.validate.min.js"></script>
   
      <script src="assets/js/main.js"></script>

      <script src="assets/js/login.js"></script>
      <script>
         jQuery(document).ready(function() {
            Main.init();
            Login.init();
         });
      </script>
   
   </body>
   <!-- end: BODY -->
</html>

Select allOpen in new window

When I run your code separately it works...without error.  No just one site.  But five different dashboards.

Hmmmm. As long as you're calling session_start() at the beginning of your script, you shouldn't have a problem with that code. The only thing that looks a little off is you're trying to echo out the assignment:

echo $_SESSION['error_msg'] = ""

Probably better with this:

<?php if ( isset($_SESSION['errmsg']) ): ?>
    <span style="color:red;"><?= $_SESSION['errmsg'] ?></span>
<?php unset($_SESSION['errmsg']); endif; ?>

Select allOpen in new window

Oh yeah - and great news that you've got it running across several dashboards :)