Hi i have created one simple squeeze page in which when user will put his/her name and email he/she will be redirected to the different webpage. So for that i have created following php code this php code is working when i am testing it on XAMPP localhost but when i uploaded it to godaddy for testing it's just giving me error that IT COULDN'T EXECUTE which i putted in my php. I removed godaddy host, user, pass and database details for security purpose but i tested it multiple times with the godaddy details but not working. Please help me out
<?php
$hostnm = "localhost";
$usernm = "root";
$passnm = "";
$dbnm = "mydbname";
$connect_mysqli = new mysqli($hostnm, $usernm, $passnm, $dbnm);
if($connect_mysqli === false){
die("ERROR: Could not connect. " . $mysqli->connect_error);
}
if(isset($_POST['submit'])){
if (isset($_POST['name'])) {
if (isset($_POST['email'])) {
// Escape user inputs for security
$uname = $_POST['name'];
$uemail = $_POST['email'];
$uname = mysqli_real_escape_string($connect_mysqli, $uname);
$uemail = mysqli_real_escape_string($connect_mysqli, $uemail);
// Attempt insert query execution
$connect_query = "INSERT INTO lifetable (name, email) VALUES ('$uname', '$uemail')";
if($connect_mysqli->query($connect_query) === true){
echo '<script type="text/javascript"> window.location = "http://www.google.com/" </script>';
}else{
echo "Error : couldn't execute . ";
}
}
}
}
// Close connection
$connect_mysqli->Close();
?>
CodePudding user response:
You call the connection with new mysqli
$connect_mysqli = new mysqli($hostnm, $usernm, $passnm, $dbnm);
But you execute the real_escape_string with old mysql way
$uname = mysqli_real_escape_string($connect_mysqli, $uname);
$uemail = mysqli_real_escape_string($connect_mysqli, $uemail);
You should use new OOP
$uname = $connect_mysqli->real_escape_string($uname);
$uemail = $connect_mysqli->real_escape_string($uemail);
CodePudding user response:
I think you can try like this the code but I havent test it.
$connect_query = "INSERT INTO lifetable (name, email) VALUES ('$uname', '$uemail')";
$result = mysqli_query($connect_mysqli, $connect_query);
if(is_bool($result) === false){
header('Location: www.yourpage.com');
}else{
echo "Error : couldn't execute . ";
}
CodePudding user response:
Side note, You should be using prepared statements instead of embedding the variables in the SQL String. See here: PHP Prepared Statements