PHP - Disadvantage when using the mysql extension [closed]

Question

PHP - Disadvantage when using the mysql extension [closed]

Navigation

#1 by (2 votes)
#2 by (1 votes)
#3 by (1 votes)

1

Good, I need help to extract the data from the logged in user in my system. This is my database with their respective fields:

What I want to do is that when the user enters, his / her email will be visible in all the following pages. Try this code:

if($rows==1){
                $_SESSION['username'] = $username;
                $_SESSION['email']=$rows['email'];

And then place the $ _ SESSION ['email'] on all pages, but nothing happens. So I would appreciate any recommendation.

This is all the code I am using:

db.php

<?php
$connection = mysql_connect('localhost', 'root', '123');
if (!$connection){
    die("Database Connection Failed" . mysql_error());
}
$select_db = mysql_select_db('login');
if (!$select_db){
    die("Database Selection Failed" . mysql_error());
}
?>

login.php

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Login</title>
<link rel="stylesheet" href="css/style.css" />
</head>
<body>
<?php
    require('db.php');
    session_start();

    if(isset($_SESSION["username"])){
    header("Location: index.php");
    exit(); }


    // If form submitted, insert values into the database.
    if (isset($_POST['username'])){
        $username = $_POST['username'];
        $password = $_POST['password'];
        $username = stripslashes($username);
        $username = mysql_real_escape_string($username);
        $password = stripslashes($password);
        $password = mysql_real_escape_string($password);
    //Checking is user existing in the database or not
        $query = "SELECT * FROM 'users' WHERE username='$username' and password='".md5($password)."'";
        $result = mysql_query($query) or die(mysql_error());
        $rows = mysql_num_rows($result);
        if($rows==1){
            $_SESSION['username'] = $username;
            header("Location: index.php"); // Redirect user to index.php
            }else{
                echo "<div class='form'><h3>Username/password is incorrect.</h3><br/>Click here to <a href='login.php'>Login</a></div>";
                }
    }else{
?>
<div class="form">
<h1>Log In</h1>
<form action="" method="post" name="login">
<input type="text" name="username" placeholder="Username" required />
<input type="password" name="password" placeholder="Password" required />
<input name="submit" type="submit" value="Login" />
</form>
<p>Not registered yet? <a href='registration.php'>Register Here</a></p>
</div>
<?php } ?>
</body>
</html>

auth.php

<?php
session_start();
if(!isset($_SESSION["username"])){
header("Location: login.php");
exit(); }
?>

index.php

<?php include("auth.php"); //include auth.php file on all secure pages ?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Welcome Home</title>
<link rel="stylesheet" href="css/style.css" />
</head>
<body>
<div class="form">
<p>Welcome <?php echo $_SESSION['username']; ?>!</p>
<p>This is secure area.</p>
<p><a href="dashboard.php">Dashboard</a></p>
<a href="logout.php">Logout</a>
</div>
</body>
</html>

*** Finally, they told me that the code I'm using is obsolete (mysql) and that it used mysqli ... my question is:

What problems will cause me to use obsolete code?

This is a small job, while I try to learn php, because so far I am null in this language.

mysql php mysqli

asked by Raphael 09.06.2016 в 20:59

source

3 answers

2

Here is an answer to your question about the obsolete code ...

If you use obsolete code it is more likely that in the future when there is a new version of the language your cudigo no longer works for the new verison therefore you must change everything obsolete for the equivalent of something that is valid, therefore if you use obsolete code it will be very difficult to keep your app up to date with the benefits of using the speed and security that the language updates bring.

answered by 09.06.2016 в 22:40

1

Well, look at the PHP documentation, comment on the following:

Why is the use of the MySQL extension (ext / mysql), which I have used for more than 10 years, discouraged? Is it obsolete? What do I use instead? How can I migrate?

There are three MySQL extensions, as described in the section Choosing a MySQL API . The old API must not be used, it is obsoleted as of PHP 5.5.0 and it has been moved to PECL to paritr of PHP 7.0.0. It is strongly recommended to write the entire new code with mysqli or PDO_MySQL .

The migration of the scripts is not available at the moment, although the mysqli API API contains both a procedural API and a POO API, with the procedural version similar to ext / mysql.

It is not possible to mix extensions. So, for example, passing a mysqli connection to PDO_MySQL or ext / mysql will not work.

Original Document - PHP FAQ

answered by 09.06.2016 в 21:37

Send with phpMailer as attachment a $ pdf created? How to implement AsyncTask when reviewing connectivity?

score 1 · Accepted Answer

Cordial Greeting,

Change your code

$ rows = mysql_num_rows ($ result);
if ($ rows == 1) {
$ _SESSION ['email'] = $ rows ['email'];

for

$ count_rows = mysql_num_rows ($ result);
if ($ count_rows == 1) {
while ($ row = mysql_fetch_array ($ result)) {
$ _SESSION ['email'] = $ row ["email"];
}

your error is that the mysql_num_rows function does not extract the information from the query, for this you must use mysql_fetch_array

On whether or not to use obsolete code; It is not bad to learn, but it is better to learn about the new. You should not use obsolete things to generate a product