CODEWITHSUNDEEP
javascriptphpmysql
Cactux
Cactux

Reputation: 27

insert browsers geoposition into mysql table with php?

I'm trying to store browser's geoposition obtained with javascript and posted via $.ajax into mysql table with php. I receive the posted data and converted in a recursive array so I can get only the latitude and longitude data but I'm getting two warnings(I will comment on code):

1->Warning: mysqli_real_escape_string() expects parameter 2 to be string, object given in. 2->Warning: mysqli_error() expects exactly 1 parameter, 0 given in

Here is my code:

geolocation and send data:

if (window.navigator.geolocation) {
    var failure, success;
    success = function (position) {
        console.log(position);
        var stringData = JSON.stringify(position, null);
        $.ajax({
            type: "POST",
            url: "GL_.php",
            data: {
                data: stringData
            }
        });
    };
    failure = function (message) {
        alert('Cannot retrieve location!');
    };
    navigator.geolocation.getCurrentPosition(success, failure, {
        maximumAge: Infinity,
        timeout: 5000
    });
}

...Receive data - > ...

<? php
$hostname_connection = "p:localhost";
$database_connection = "s_c"
$username_connection = "root";$password_connection = "";
$cs_connection = mysqli_connect($hostname_connection, $username_connection, $password_connection, $database_connection) or trigger_error(mysqli_error(), E_USER_ERROR); mysqli_set_charset($cs_connection, 'utf8');

function mysqli_result($res, $row, $field = 0) {
    $res - > data_seek($row);
    $datarow = $res - > fetch_array();
    return $datarow[$field];
}
if (!function_exists("GetSQLValueString")) {
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") {
        if (PHP_VERSION < 6) {
            $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
        }
        global $cs_connection;
        $theValue = > function_exists("mysqli_real_escape_string") ? mysqli_real_escape_string($cs_connection, $theValue) : mysqli_escape_string($theValue); //FIRST WARNING  
        switch ($theType) {
            case "text":
                $theValue = ($theValue != "") ? "'".$theValue."'" : "NULL";
                break;
            case "long":
            case "int":
                $theValue = ($theValue != "") ? intval($theValue) : "NULL";
                break;
            case "double":
                $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
                break;
            case "date":
                $theValue = ($theValue != "") ? "'".$theValue."'" : "NULL";
                break;
            case "defined":
                $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
                break;
        }
        return $theValue;
    }
}
if (isset($_POST['data'])) {
    $dataString = $_POST['data'];
}
function geoCodeUser($dataString) {
    global $database_connection;
    global $cs_connection;
    $position = json_decode($dataString, true);
    $lat = $position['coords']['latitude'];
    $lng = $position['coords']['longitude'];
    if ($dataString !== NULL) {
        $insertLatLng = sprintf("INSERT INTO usergeoloc (lat,long) VALUES (%s, %s)", GetSQLValueString($cs_connection, $lat, "text"), GetSQLValueString($cs_connection, $lng, "text"));
        $Result1 = mysqli_query($cs_connection, $insertLatLng) or die(mysqli_error($cs_connection)); //SECOND WARNING
    } else {
        echo "NO CONTENT";
    }
}
geoCodeUser($dataString);
?>

The variables $lat and $lng are populated each one with the corresponding value but as I've mentioned previously the error came up. Can anyone explain what's wrong here?

Upvotes: 0

Views: 82

Answers (2)

Twisty
Twisty

Reputation: 30883

Catch like this:

if($cs_connection){
  $theValue = mysqli_real_escape_string($cs_connection, $theValue);
} else {
  // No DB Connection, so no way reason to escape
}

Upvotes: 0

Patrick Evans
Patrick Evans

Reputation: 42736

For the first error your problem is you are calling your GetSQLValueString method wrong, you have it defined as 

GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")

but are calling it with these arguments 

GetSQLValueString($cs_connection, $lat, "text"),
GetSQLValueString($cs_connection, $lng, "text")

so $theValue gets set to an object (the mysqli link)

As for the mysqli_error error you are not passing it the required argument

http://php.net/manual/en/mysqli.error.php

Procedural style

string mysqli_error ( mysqli $link )

you have: 

die(mysqli_error())

it should be 

die(mysqli_error($cs_connection))

Upvotes: 1

Related Questions