Help on turning this from mysql to mysqli or pdo

Technologx · March 7, 2016, 11:32pm

I’d like to update this code to work with PHP version 7 but I’m not sure how to do it.

Here’s the code:

[php]<?php
require_once(“config.php”);
require_once(“functions.php”);

db_connect();

$alias = trim(mysql_real_escape_string($_GET[‘alias’]));

if (!preg_match("/^[a-zA-Z0-9_-]+$/", $alias)) {
header("Location: ".SITE_URL, true, 301);
exit();
}

if (($url = get_url($alias))) {
header(“Location: $url”, true, 301);
exit();
}

header("Location: ".SITE_URL, true, 301);[/php]

I’d also like to change this to mysqli or pdo:

[php]

<?php require("../functions.php"); error_reporting(0); define("DB_HOSTNAME", $_POST['server']); define("DB_USERNAME", $_POST['user']); define("DB_PASSWORD", $_POST['pass']); define("DB_NAME", $_POST['db']); define("DB_VERSION", 4); db_ins_connect(); ?>[/php]

[php]

<?php error_reporting(0); $server = $_POST['server']; $user = $_POST['user']; $pass = $_POST['pass']; $db = $_POST['db']; $siteurl = $_POST['siteurl']; $sitetitle = $_POST['sitetitle']; $adminuser = $_POST['adminuser']; $adminpass = $_POST['adminpass']; ?> <?php $File = "../config.php"; $Handle = fopen($File, 'w'); $Data = "<?php\n"; fwrite($Handle, $Data); $Data = "define('DB_HOSTNAME', '$server');\n"; fwrite($Handle, $Data); $Data = "define('DB_USERNAME', '$user');\n"; fwrite($Handle, $Data); $Data = "define('DB_PASSWORD', '$pass');\n"; fwrite($Handle, $Data); $Data = "define('DB_NAME', '$db');\n"; fwrite($Handle, $Data); $Data = "define('DB_VERSION', '4');\n"; fwrite($Handle, $Data); $Data = "define('DB_PREFIX', 'shortilicious_');\n"; fwrite($Handle, $Data); $Data = "define('SITE_URL', '$siteurl');\n"; fwrite($Handle, $Data); $Data = "define('SITE_TITLE', '$sitetitle');\n"; fwrite($Handle, $Data); $Data = "define('ADMIN_USERNAME', '$adminuser');\n"; fwrite($Handle, $Data); $Data = "define('ADMIN_PASSWORD', '$adminpass');\n"; fwrite($Handle, $Data); $Data = "define('URL_PROTOCOLS', 'http|https|ftp|ftps|mailto|news|mms|rtmp|rtmpt|e2dk');\n"; fwrite($Handle, $Data); $Data = "define('Shortilicious_VERSION', '1.0.0');\n"; fwrite($Handle, $Data); $Data = "define('Shortilicious_NUMERICVERSION', '100');\n"; fwrite($Handle, $Data); $Data = "error_reporting(E_ALL);\n"; fwrite($Handle, $Data); $Data = "\$_ERROR = array();\n"; fwrite($Handle, $Data); fclose($Handle); ?>[/php]

I’m trying to get my URL Shortener script up to date.

ErnieAlex · March 8, 2016, 2:06am

Well, first you should decide if you want to use PDO or MySQLi. They are quite different. Most of the experienced programmers here suggest PDO. Here is a link to w3schools that talks about which you might want
to use. It also shows some of the differences in them. It might be a good place to start. Also, to save some
time, here is a ebook that a lot of programmers here suggest that talks about what is best for PHP usage.
Hope this helps get you started…

http://www.w3schools.com/php/php_mysql_connect.asp
http://www.phptherightway.com/

Technologx · March 8, 2016, 2:16am

To be honest I’d like to use PDO but I’m not sure how to fix my code to have PDO instead of MySql.

ErnieAlex · March 8, 2016, 2:23am

Well, did you read the links? The first one shows you how to create a connection to the database using PDO.
Just press the green NEXT-CHAPTER and you will learn how to create a database, table, fields in PDO. Just look
down each chapter for the PDO section. It covers most items you need to learn for PDO.

When you get stuck, ask here and someone will help you…

Technologx · March 8, 2016, 2:26am

Well my 1 thing I really am worried about it how to put in the script to create the config.php file to use PDO.

ErnieAlex · March 8, 2016, 2:58am

Well, you need to look in the config.php as that is where you have the connection to the database set up.
Next, you have to go thru every single page in the system and find all of the places where you use the tables
in the database. Most all of them will start with mysql_ … These are the MySQL functions for database accesses
and all of these will need to be changed. Also, you may have to change the way you do your queries as you
will need to learn about prepared statements for setting up data for queries. Most of that can be figured out by
the links I posted. When you get stuck with one step, post it here and we can help.

Please note, if you update your connection from MySQL to PDO, all of your database functions need to be done
also. Just changing the connection will NOT work.

Technologx · March 8, 2016, 3:03am

The config.php file isn’t editable since the script creates it with the following code.

[php]

<?php error_reporting(0); $server = $_POST['server']; $user = $_POST['user']; $pass = $_POST['pass']; $db = $_POST['db']; $siteurl = $_POST['siteurl']; $sitetitle = $_POST['sitetitle']; $adminuser = $_POST['adminuser']; $adminpass = $_POST['adminpass']; ?> <?php $File = "../config.php"; $Handle = fopen($File, 'w'); $Data = "<?php\n"; fwrite($Handle, $Data); $Data = "define('DB_HOSTNAME', '$server');\n"; fwrite($Handle, $Data); $Data = "define('DB_USERNAME', '$user');\n"; fwrite($Handle, $Data); $Data = "define('DB_PASSWORD', '$pass');\n"; fwrite($Handle, $Data); $Data = "define('DB_NAME', '$db');\n"; fwrite($Handle, $Data); $Data = "define('DB_VERSION', '4');\n"; fwrite($Handle, $Data); $Data = "define('DB_PREFIX', 'shortilicious_');\n"; fwrite($Handle, $Data); $Data = "define('SITE_URL', '$siteurl');\n"; fwrite($Handle, $Data); $Data = "define('SITE_TITLE', '$sitetitle');\n"; fwrite($Handle, $Data); $Data = "define('ADMIN_USERNAME', '$adminuser');\n"; fwrite($Handle, $Data); $Data = "define('ADMIN_PASSWORD', '$adminpass');\n"; fwrite($Handle, $Data); $Data = "define('URL_PROTOCOLS', 'http|https|ftp|ftps|mailto|news|mms|rtmp|rtmpt|e2dk');\n"; fwrite($Handle, $Data); $Data = "define('Shortilicious_VERSION', '1.0.0');\n"; fwrite($Handle, $Data); $Data = "define('Shortilicious_NUMERICVERSION', '100');\n"; fwrite($Handle, $Data); $Data = "error_reporting(E_ALL);\n"; fwrite($Handle, $Data); $Data = "\$_ERROR = array();\n"; fwrite($Handle, $Data); fclose($Handle); ?>

[/php]

ErnieAlex · March 8, 2016, 3:51am

So, it creates a config file using type-in’s from a posted page? What the ??? That doesn’t seem secure to me!

But, to do it, you would leave all of the posted data in the same format. That has nothing to do with the PDO
connection code. You need to rewrite the connection first using PDO’s layout. That is in the link posted to you.
Then, once you get the general layout, you can use the DEFINEd data and plug it into the correct places in the
new PDO version.

By the way, what is this used for? I mean, you allow inputs to be placed into your database connection code?
That just does not seem like a correct way to handle this. First, if the file is corrupted due to server issues in
the text handling, none of your connections would work. Next, passing data thru POST’s are not very secure
and can be monitored, therefore, a good hacker could capture your URL’s, passwords, etc… Perhaps if you
explain to us what this is used for, we might be able to come up with a better way.

Anyway, start creating one working PDO connection to one of your databases. Then, replace the data with
your posted data defines. Good luck…

Technologx · March 8, 2016, 4:45am

It’s a URL Shortener script and the code I’m showing you is the redirect.php, and the install scripts that has 5 steps.

ErnieAlex · March 8, 2016, 8:15pm

Well, the code you posted write info to a config file, but, it is NOT the connection string. It is just a list of data that
is written to a file. I am assuming in another file, it uses this info to make the redirected connection. You would
need that file to be changed. So, the code:
[php]

<?php $File = "../config.php"; $Handle = fopen($File, 'w'); $Data = "<?php\n"; fwrite($Handle, $Data); $Data = "define('DB_HOSTNAME', '$server');\n"; fwrite($Handle, $Data); $Data = "define('DB_USERNAME', '$user');\n"; fwrite($Handle, $Data); $Data = "define('DB_PASSWORD', '$pass');\n"; [/php] Is really like this: (Note the change of formatting so it can be read more easily.) [php] <?php $File = "../config.php"; $Handle = fopen($File, 'w'); $Data = "<?php\n"; fwrite($Handle, $Data); $Data = "define('DB_HOSTNAME', '$server');\n"; fwrite($Handle, $Data); $Data = "define('DB_USERNAME', '$user');\n"; fwrite($Handle, $Data); $Data = "define('DB_PASSWORD', '$pass');\n"; [/php] Setting the $Data variable is a waste of code. The values could be put into the fwrite function directly and save a lot of server time. (Not important really.) The code just writes a file of "DEFINEs" with PHP tags around it all. So, this is just code that is used in another file to connect to the database. You would need to find that file and see how it uses these defined variables and then alter that code to use PDO. It would also mean that you would need to change all of the accesses to the database. If you can not edit the pages on the redirected server, you will not be able to change all of them to PDO. PDO does nothing for writing define's to a file, it is used for the connections and accesses of databases. It does protect your data more than MySQL does and is the target that most of the programmers suggest here on this site. Well, more info... Hope it helps...

Technologx · March 11, 2016, 2:32am

Does this look right for a mysqli connection?

[php]

<?php require("../functions.php"); error_reporting(0); $servername = "localhost"; $username = "username"; $password = "password"; $dbname = "databasename"; // Create connection $conn = mysqli_connect($servername, $username, $password, $dbname); // Check connection if (!$conn) { die("Connection failed: " . mysqli_connect_error()); } define("DB_VERSION", 4); db_ins_connect(); ?>

[/php]

ErnieAlex · March 11, 2016, 2:36am

Yes, that looks like standard MySQLi code.

Technologx · March 11, 2016, 3:02am

Well with that I’m running into this error.

Connection failed: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)

ErnieAlex · March 11, 2016, 3:08am

Did you replace the four variables with your correct database info? These all need to be altered:
$servername = “localhost”;
$username = “username”;
$password = “password”;
$dbname = “databasename”;

You need to use “localhost” if your hosting server requires it, otherwise, it needs to be the server name given to
you by the hosting company. The username and password is what you set up when you created the database.
The dbname is the name of the database that you created.

Technologx · March 11, 2016, 3:19am

All the database info is inputed with this:

[php]

MySQL Server:                  High chance you won't need to change this.
MySQL Username:            The username for logging in to MySQL.
MySQL Password:            The passwrd for logging in to MySQL.
MySQL Database:             The empty database you want Shortilicious to use.
[/php]

Technologx · March 11, 2016, 3:28am

I would like to apologize if my newbieness is frustrating anyone. I just took this code from PHUrl and was trying to update it and give it UI look which it lacked completely.

ErnieAlex · March 11, 2016, 3:46am

Well, when a user posts inputs to your PHP code, it is read using the $_POST[] array. Therefore, you would
want to change your variables to use those values. Loosely, you would do it like this:
$username = $_POST[‘user’];
And change the other inputs for password, database, etc… You should make sure they are safe because a user
can enter bad code into the input fields. If your databases are from a set list, you could put them into a SELECT
clause which would protect them from hackers. But, if they really do need to be entered by a user, then, you
should make sure they are clean.

Hope that helps…

Technologx · March 11, 2016, 4:06am

So like this:

[php]
<input $username = $_POST[‘user’]; style=“width: 150px” type=“text” />
[/php]

ErnieAlex · March 11, 2016, 4:23am

Okay, you are mixing up your questions. First, the tag is for the form where the user plugs in their
data for whatever input you need. As in this case, the username info. For that, you would just have it as it
was before. Just Normal form input line…

Then, in the PHP to READ the value that the user types into it, you would pull it out like this:

<?PHP $username = $_POST['user']; ?>

Then, you pull out the rest of the fields and use them in your code to handle their request.

If you are just upgrading working code to be more “pretty”, then, you would just use CSS to make it all like
you would want it. Normally, if you want all fields the same width, you would do this inside the CSS file. You
can assign all inputs to be set to 150 pixels like this:

input { width: 150px; }

Or, you can place it into a CSS file and attach it to the page. This would make ALL input fields 150px; and you
would not need to put it into each of them one by one.

I noted in your posted code, it is full of &nbsp’s which are no longer used. This forces the display to skip one
full character space. This is normally done in CSS using a margin or in some cases padding. You can leave a
space of a set width of pixels using “margin-right: 15px;” or whatever is needed. If you added this to all of the
inputs, you could place it into the above input styling CSS and save typing it in for each separate input field.

There are thousands of internet sites that have tutorials on CSS if you want to learn about them. Or you can
find a lot on CSS in the W3Schools link I posted earlier. Well, here is a lot more for you to think about…

Good luck!

Technologx · March 11, 2016, 4:33am

Thank you for your help. With the code I’m just really trying to update to work with the newer versions of PHP. So let me see if I get this right I do [php]<? $username = $_POST['user']; ?>[/php]?