rls1982 rls1982 - 2 months ago 10
PHP Question

MySQL - PHP - Access denied for user ''@'localhost' to database 'myproject'

I'm very new to PHP so please bear with me. I have a registration form and I'm submitting the values entered on that form and having them inserted into a MySQL Database table, but I'm getting the following error:

ErrorAccess denied for user ''@'localhost' to database 'myproject'

I've granted all the access that is possible to the user that I'm using in my code, but I'm still having this error. Any help is appreciated and points will be awarded!

Here is my HTML Form:

<!DOCTYPE html>
<html>

<head>

<link rel="stylesheet" type="text/css" href="stylesheet.css">

<title>Registration Page</title>

<script>
function validateForm() {
var x = document.forms["myForm"]["netID"].value;
if (x == null || x == "") {
alert("NetID must be filled out");
return false;
}

var y = document.forms["myForm"]["email"].value;
if (y == null || y == "") {
alert("Email must be filled out");
return false;
}

var n = document.forms["myForm"]["fname"].value;
if (n == null || n == "") {
alert("First Name cannot be blank");
return false;
} else if (n.length < 2) {
alert("First name cannot be less than 2 characters!");
return false;
}

var b = document.forms["myForm"]["lname"].value;
if (b == null || b == "") {
alert("Last Name cannot be blank");
return false;
} else if (b.length < 2) {
alert("Last Name cannot b less than 2 characters!");
return false;

}

}

</script>



</head>
<body>

<ul>
<br>
<br>
<br>
<br>

<center><img src="KSUlogo.PNG" alt="logo" style="width:100px;height:50px;"></center>
<br>
<br>
<br>
<br>
<br>
<li><a class="active" href="#home">Home</a></li>
<br>
<br>
<br>
<br>
<li><a href="#news">News</a></li>
<br>
<br>
<br>
<br>
<li><a href="#contact">Contact</a></li>
<br>
<br>
<br>
<br>
<li><a href="#about">About</a></li>
<br>
<br>
<br>
<br>
</ul>


<h1 style="text-align:center;">CCSE Community Profile Page</h1>

<br>
<br>
<br>
<br>
<br>


<h2 style="text-align:center;">Enter your Registration Information</h2>

<div style="text-align:center">

<form name="myForm" action="RegistrationValues.php"
onsubmit="return validateForm()" method="post">

<center>NetID: <input type="text" name="netID"></center>
<br>
<center>Email: <input type="text" name="email"></center>
<br>
<center>First Name: <input type="text" name="fname"></center>
<br>
<center>Last Name: <input type="text" name="lname"></center>
<br>
<br>
Services You Can Provide the CSE Community</center><br>
<br>
<input type="checkbox" name="radio" value="Java"> Java Tutoring<br>
<input type="checkbox" name="radio" value="Computer" checked> Computer Fixing<br>
<input type="checkbox" name="radio" value="PHP" checked> PHP Tutoring<br>
<br><br>
<select name="availabilty">
<option value="blank"></option>
<option value="Java">Morning</option>
<option value="Computer">Evening</option>
<option value="Service">Afternoon</option>
</select>
<br><br>

<center><input type="submit" value="Submit"></center>
</form>

</div>


</body>
</html>


Here is my PHP form:

<!DOCTYPE html>
<html>

<head>

<link rel="stylesheet" type="text/css" href="stylesheet.css">

<title>Registration Page</title>

</head>

<body>

<?php include "header.html";?>
<?php include "navigation.html";?>

<div style="text-align:center">

<p>netID: <?php echo $_POST["netID"]?></p>

<p>Email: <?php echo $_POST["email"]?></p>

<p>First Name <?php echo $_POST["fname"]?></p>

<p>Last Name: <?php echo $_POST["lname"]?></p>

<?php

$netID = $email = $fname = $lname = "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {
$netID = test_input($_POST["netID"]);
$email = test_input($_POST["email"]);
$fname = test_input($_POST["fname"]);
$lname = test_input($_POST["lname"]);
}

function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}

$servername = "localhost";
$username = "myUser";
$password = "newpassword";
$dbname = "myproject";

// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
mysql_select_db("$dbname") or die( 'Error'. mysql_error() );
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
mysql_query("insert into ProfileInformation (netID, email, fname, lname, radio, availabilty)
values
('$_POST[netID]','$_POST[email]','$_POST[fname]','$_POST[lname]','$_POST[radio]','$_POST[availabilty]')")
or die(mysql_error());
echo "Done!!!!";


$stmt->close();
$conn->close();
?>


</body>
</html>


It seems to be reading '' as a username somewhere but I'm not sure though.
Thanks in advance. It is greatly appreciated.

Answer

You need to pick one api and use it rather than mix n match - however, saying that it would be better to use prepared statements rather than embedding the $_POST variables directly in the sql. Incidentally the names within $_POST need to be quoted unless they exist as constants!

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);

if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
}

$conn->query("insert into ProfileInformation (netID, email, fname, lname, radio, availabilty) 
                values
            ( '{$_POST['netID']}', '{$_POST['email']}', '{$_POST['fname']}', '{$_POST['lname']}', '{$_POST['radio']}', '{$_POST['availabilty']}' )") or die(mysql_error());

            echo "Done!!!!";

$conn->close();