Consider a table with three columns id,name and bgname where bgname is a cyrillic equivalent of name.The table is created with UTF-8 collation. After using the following:
<?php
$sql = 'SELECT bgname FROM categories';
function getZapisi($sql,$dbh) {
foreach ($dbh->query($sql) as $row) {
print $row['bgname'] . "<br/>";
}
}
try {
$dbh = new PDO("mysql:host=localhost;dbname=test", 'root', 'pass');
/*** echo a message saying we have connected ***/
getZapisi($sql,$dbh);
}
catch(PDOException $e)
{
echo $e->getMessage();
}
?>
I get ??? from the query no matter if I use cp1251 or utf-8 collation for the bgname column. Thanks in advance
Check the encoding of your page. maybe you're getting correct results but the output html created by apache+php tells the browser to use some other encoding.
Try to look at this : http://dev.mysql.com/doc/refman/5.0/en/charset-connection.html
In fact the problem was terminated using:
$dbh = new PDO("mysql:host=localhost;dbname=test;", 'root', 'pass');
$dbh -> exec("set names cp1251");
Thanks for the effort
Related
We have a really old codebase with php5.2 some of them even in php3 using mysql 5.1 that we are trying to migrate to laravel 7/8. The data stored in the database is Japanese characters stored using latin1 encoding as,
¥í¥°¥¤¥óÀ®¸ù
¥í¥°¥¢¥¦¥È
¥á¡¼¥ë¥¢¥É¥ì¥¹Êѹ¹
Those data are displayed correctly when using php5.2 and are working fine in the current codebase but when I try to access that data using any version beyond php5.2 I cannot get the correct value.
Things I tried but didn't work.
Changed the file encoding with header in php file.
Changed string encoding with mb_convert_encoding.
Set default_charset in php.ini to empty string.
But none of the solutions seems to work. Is there any other way I can correctly display those data?
$dsn = 'mysql:dbname=dbname;host=127.0.0.1;port=3306';
$user = 'root';
$password = '';
$db = new PDO($dsn, $user, $password);
$query = $db->prepare('SELECT * FROM tablename');
if ($query->execute()) {
echo '<ul>';
while ($row = $query->fetch()) {
echo '<li>' . $row['column_name'] . '</li>';
}
echo '</ul>';
}
The same block of code displays correct data in the browser using php5.2 but it doesn't work in php7.3, how is that possible?
Specify the charset in the dsn, something like
$db = new PDO('dblib:host=host;dbname=db;charset=utf8mb4', $user, $pwd);
http://mysql.rjweb.org/doc.php/charcoll#php
More on Mojibake: Trouble with UTF-8 characters; what I see is not what I stored
I'm trying to create a secure, SQL-injection proof connection to a database using PDO. I've know certain character sets are vulnerable, but that UTF-8 is not one of them. I also know that I should turn PDO's prepared statement emulation mode off. Below is the code that I've put together for the connection. My question is twofold.
Can someone please take a look at my code below to make sure that I'm doing everything correctly? I've tested it, and it works. But is there something else I could add to make it more secure or am I doing it right?
I'm not 100% positive that my syntax for what's inside the array is correct, though I don't get any errors when I do an insert, so I'm inclined to believe that it is. However, is there a way to test or confirm that those attributes are actually being set? Or can someone tell by looking that the syntax is correct and those attributes are definitely being set?
Thanks for any help in advance. My full code for the database connection and an insert using a prepared statement is below.
function addItem($category, $item, $price) {
$dsn = 'mysql:host=localhost;dbname=myDatabase;charset=utf8';
$username = "myUsername";
$password = "myPassword";
$options = array(
PDO::ATTR_EMULATE_PREPARES => false,
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
);
try {
$link = new PDO($dsn, $username, $password, $options);
$query = $link->prepare("INSERT INTO items (category, item, price)
VALUES (:category, :item, :price)");
$query->bindParam(':category', $category);
$query->bindParam(':item', $item);
$query->bindParam(':price', $price);
$query->execute();
echo "New item added successfully";
}
catch(PDOException $e) {
echo "Error: " . $e->getMessage();
}
$link = null;
}
I've created an admin panel on my website so when the admin logs in he can edit users. I'm trying to get it to create a table that displays a list of all the users on the database, however, when I run it I get the error:
No database selected
Here is the code in my editusers.php:
<?php
include 'adminpage.php';
include 'connection.php';
$sql = "SELECT * FROM Users";
$result = mysql_query($sql)or die(mysql_error());
echo "<table>";
echo "<tr><th>UserID</th><th>First Name</th><th>Last Name</th><th>Email</th><th>D-O-B</th></tr>Username</th><th>Password</th><th>";
while($row = mysql_fetch_array($result)){
$userid = $row['UserID'];
$firstname = $row['FirstName'];
$lastname = $row['LastName'];
$email = $row['Email'];
$dob = $row['DateofBirth'];
$username = $row['Username'];
$password = $row['Password'];
// Now for each looped row
echo "<tr><td style='width: 200px;'>".$userid."</td><td style='width: 200px;'>".$firstname."</td><td>".$scale."</td><td>".$lastname."</td><td>".$email."</td></tr>".$dob."</td></tr>".$username."</td></tr>".$password."</td></tr>";
} // End our while loop
echo "</table>"
?>
First of all it looks like you are using mysql which isn't a wise move. This is because Mysql is actually deprecated and was improved to mysqli. Your problem may be to do with your database connection. You also haven't set a database. Like I said you can set an active database in your connection script. It should or could look something like this.
<?php
$conn = mysqli_connect("localhost", "root", "password", "database");
// Evaluate the connection
if (mysqli_connect_errno()) {
echo mysqli_connect_error();
exit();
}
?>
After that, your sql query is correct by selecting all from you table 'users' but in order to proceed I recommend creating a query where you use mysqli_query an select the $sql and $conn as parameters. In all honesty it is much advised to stop and continue once you have adapted to mysqli. Alternatively you can use PDO which in some cases can be seen as better to use rather than mysqli but the choice is yours. I personally would get to grips with mysqli and then look at some answers on Stack Overflow to decide whether you should use PDO or not. Visit the PHP manual here. Enter all the mysql functions you know and it will show you how to use the new mysqli version of the functions. Don't think that it is as simple as just adding and 'i' to the end of a mysql function. That's what I initially thought but there is alot to do with extra parameters etc. Hope this helps :-)
Hi I have a problem displaying accents on a PDO connection.
I'm learning php a web developing and I started developing using the mysql old php connection
function db_connect()
{
$result = new mysqli('localhost', 'database', 'password', 'user');
if (!$result)
return false;
return $result;
}
my tables use latin1 and utf8 charset and the webpage works fine, showing the words with accents.
I know that the charset and collation is ok beacause it works in the old way.
But when i try to use PDO all the words with accents appers diferent.
Here is and example to optain a category name
$db = database_connect();
$query = " select xxx from yyy where xxxyid = :xxxyid ";
$query_params = array(
':xxxyid' => $xxxyid
);
// Execute the query against the database
$query = $db->prepare($query);
$result = $query->execute($query_params);
if (!$result)
trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR);
$num_xxx = $query->rowCount();
if ($num_xxxs == 0)
return false;
$row = $query->fetch();
return $row['name'];
and my conection is set this way
$db_options = array(
PDO::ATTR_EMULATE_PREPARES => false // important! use actual prepared statements (default: emulate prepared statements)
, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION // throw exceptions on errors (default: stay silent)
, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC // fetch associative arrays (default: mixed arrays)
);
$database = new PDO('mysql:host=server;dbname=dbname;charset=utf8', 'user', 'password', $db_options); // important! specify the character encoding in the DSN string, don't use SET NAMES
// create prepared statement with one parameter for the category ID
I have search trying to find out a way to display letter with accents but i can't solve it.
I have found a solution in the same link you have posted. This solution is working for me:
http://forums.devshed.com/php-faqs-stickies/938827-pdo-security-php-5-3-6-a-post2851557.html#post2851557
function db_connect()
{
$result = new mysqli('localhost', 'database', 'password', 'user');
if (!$result) {
return false;
}
if (!$result->set_charset("utf8")) {
printf("Error loading character set utf8: %s\n", $result->error); exit();
} else {
printf("Current character set: %s\n", $result->character_set_name());
}
return $result;
}
My solution was completly different. Without any new options to PDO and so on.... My problem was when I filled in the values to db right through phpadmin or script, there was allways this kind of problem. But when I filled the db table in spreadsheet software and then import the filled file to db, problem was solved. This knowledge took me allmost one day of live. Hope it helps. Sorry for my english, I am slovakian.
I want to add a new column called image in an existing mysql table.
The type is BLOB, the attributes are BINARY and NO NULL
What code should I use in PhpMyAdmin?
In PhpMyAdmin you can use the table editor to add a new column from clicking on the structure of a table.
The mysql command instead, would be:
ALTER TABLE table_name ADD image MEDIUMBLOB NOT NULL
MEDIUMBLOB has a maximum size of 16MB, use LONGBLOB (up to 4GB) for anything bigger
If you have problems uploading BLOBs, check the value of max_allowed_packet http://dev.mysql.com/doc/refman/5.5/en/packet-too-large.html
It is not recommended to use BLOBs for saving images.
Save the files somewhere on your webserver for example .../htdocs/images/picture.jpg (assuming you use xampp).
then create a simple Column in you Database for Strings of the image names. To show you why i will use PHP.
in your .../htdocs/index.php
you can then do something like the following:
<?php
//enter you PhpMyAdmin details here.
$conn = mysql_connect("localhost", "mysql_user", "mysql_password");
if (!$conn) {
echo "Unable to connect to DB: " . mysql_error();
exit;
}
if (!mysql_select_db("mydbname")) {
echo "Unable to select mydbname: " . mysql_error();
exit;
}
$sql = "SELECT imageName
FROM MyTable
;
$result = mysql_query($sql);
if (!$result) {
echo "Could not successfully run query ($sql) from DB: " . mysql_error();
exit;
}
if (mysql_num_rows($result) == 0) {
echo "No rows found, nothing to print so am exiting";
exit;
}
// While a row of data exists, put that row in $row as an associative array
// Note: If you're expecting just one row, no need to use a loop
// Note: If you put extract($row); inside the following loop, you'll
// then create $userid, $fullname, and $userstatus
while ($row = mysql_fetch_assoc($result)) {
?>
<img src="images/<?=$row["userid"]?> <!-- this will get repeted for all the rows in you database -->
<?php
}
mysql_free_result($result);
?>
this is where i got the sample code from:
PHP Doc
i just modified it a bit .. but the php documentation is great btw.