Mysqli connect with php

system · October 4, 2014, 2:19am

This is on the site

<form action="<?php echo URL; ?>inventory/connect" method="post"> <label>Username</label> <input type="text" name="username" required /> <label>Password</label> <input type="password" name="password" required /> </select> <input type="submit"/> </form>

this is my connect.php file

[code]$server = ‘localhost’;
$db = ‘cars’;
$user = $_POST[“username”];
$pass = $_POST[“password”];

$mysqli = new mysqli($server, $user, $pass, $db);
$mysqli_report(MYSQLI_REPORT_ERROR);[/code]

This is my error

[code]Warning: mysqli::mysqli(): (HY000/1045): Access denied for user ‘hotshots’@‘localhost’ (using password: YES) in D:\EasyPHP\data\localweb\application\views\inventory\connect.php on line 7

Notice: Undefined variable: mysqli_report in D:\EasyPHP\data\localweb\application\views\inventory\connect.php on line 8

Fatal error: Function name must be a string in D:\EasyPHP\data\localweb\application\views\inventory\connect.php on line 8[/code]

Im trying to make it so they can log in into the database with what they type in the website and if it is correct it will continue otherwise it will return to same page with a error

lothop · October 4, 2014, 6:26am

[php]$mysqli = new mysqli($server,$user,$password);
mysqli_select_db($mysqli,$db);[/php]

Strider64 · October 4, 2014, 11:13am

Why would you have a user enter a database name and credentials like that? You want to check against the database TABLE not the database itself. You also aren’t using any password hashing -> http://us1.php.net/manual/en/ref.password.php The way you are going about doing it is giving full access to the database itself if the hackers crack the password and that is a big big security breach.

techno4229 · October 4, 2014, 5:17pm

im still new, and i just been trying this out. any way you can help me out and get that going?

wlraider70 · October 7, 2014, 6:58pm

Can you explain the goal a little more?
Are you trying to give sql access to each person who submits the form? ie. user hotshots gets access to the sql queries? You would need code to create a user with their password after they submit the form.

techno4229 · October 7, 2014, 11:25pm

Well i want to have it so when they log in, it connects to the mysql db with the credentials they used. I have it set on the db where they can only modify a certain db i assign to them. If you need to look at how i have it set up your more then welcome to use teamviewer or skype to look at what i have and maybe i can explain a little better.

benanamen · October 8, 2014, 4:14pm

The fact that you are using different databases for each person smells of a bad design.