Converting mysql to mysqli for PHP 7.1

Hello everyone, I followed this guide to create a simple PHP app to login and logout that I plan to use as a template in the future. The tutorial is here: Creating Your First PHP Application - http://buildinternet.com/2009/12/creating-your-first-php-application-part-1/

The errors:

Warning: mysqli_query() expects parameter 1 to be mysqli, string given in /Applications/MAMP/htdocs/twitterlistbuilder/www/classes/UserTools.class.php on line 41

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, null given in /Applications/MAMP/htdocs/twitterlistbuilder/www/classes/UserTools.class.php on line 42

Warning: mysqli_query() expects at least 2 parameters, 1 given in /Applications/MAMP/htdocs/twitterlistbuilder/www/classes/DB.class.php on line 84

Warning: mysqli_error() expects exactly 1 parameter, 0 given in /Applications/MAMP/htdocs/twitterlistbuilder/www/classes/DB.class.php on line 84

The first issue I’m try to solve is on line 84 on DB.class.php, as that file is included in UserTools.class.php with [php]require_once ‘User.class.php’;[/php] at the top of the UserTools.class.php file.

Line 84 is this line included in the below in the class DB in the DB.class.php file: mysqli_query($sql) or die(mysqli_error());

[php]//Inserts a new row into the database.
//takes an array of data, where the keys in the array are the column names
//and the values are the data that will be inserted into those columns.
//$table is the name of the table.
public function insert($data, $table) {

	$columns = "";
	$values = "";

	foreach ($data as $column => $value) {
		$columns .= ($columns == "") ? "" : ", ";
		$columns .= $column;
		$values .= ($values == "") ? "" : ", ";
		$values .= $value;
	}

	$sql = "INSERT INTO $table ($columns) VALUES ($values)";

	mysqli_query($sql) or die(mysqli_error());

	//return the ID of the user in the database.
	return mysqli_insert_id();

}[/php]

Lines 41 and 42 in UserTools.class.php are included below. Line 41 starts with $result and line 42 starts with if)mysqli.

[php]//Check to see if a username exists.
//This is called during registration to make sure all user names are unique.
public function checkUsernameExists($username) {
$result = mysqli_query(‘DB’,“SELECT id FROM users WHERE username=’$username’”);
if(mysqli_num_rows($result) == 0)
{
return false;
}else{
return true;
}
}[/php]

Any guidance would be hugely appreciated! Thanks everyone.

mysqli_query expects 2 params the first is the database connection reference and the second is your sql so your first example you could pass the connection to the function and then to the query:
[php]
public function insert($link, $data, $table) {

	$columns = "";
	$values = "";

	foreach ($data as $column => $value) {
		$columns .= ($columns == "") ? "" : ", ";
		$columns .= $column;
		$values .= ($values == "") ? "" : ", ";
		$values .= $value;
	}

	$sql = "INSERT INTO $table ($columns) VALUES ($values)";

	mysqli_query($link, $sql) or die(mysqli_error());

	//return the ID of the user in the database.
	return mysqli_insert_id();

}

[/php]

Same goes for
[php]
public function checkUsernameExists($link, $username) {
$result = mysqli_query($link,“SELECT id FROM users WHERE username=’$username’”);
if(mysqli_num_rows($result) == 0)
{
return false;
}else{
return true;
}
}
[/php]

This script is open to mysql injections I would highly recommend you use prepared statements. http://php.net/manual/en/mysqli.prepare.php

I personally think switching over to PDO would be easier and better because you can use more than MySQL as the database. However, that is just my opinion.

Anyways this is how I would check for a duplicate user in a database table using PDO ->
[php] protected function usernameCheck($username) {
$db = DB::getInstance();
$pdo = $db->getConnection();

    $this->query = "SELECT 1 FROM users WHERE username = :username";
    $this->stmt = $pdo->prepare($this->query);
    $this->stmt->bindParam(':username', $username);
    $this->stmt->execute();
    $this->row = $this->stmt->fetch();
    if ($this->row) {
        /* If true we know there's a user with that username */
       return \TRUE; // Results come back true send message to user *Sorry, Username is unavailable* ::
    }
}[/php]

there’s a way to do this in mysqli, but I haven’t written script in mysqli in a long time plus I hate using ? for placeholders for the prepared statements.

Sponsor our Newsletter | Privacy Policy | Terms of Service