CODEWITHSUNDEEP
phpmysqldatabasemysqli
vixus
vixus

Reputation: 57

php script and die report

i have inherit some scripts and they work as intended but they all send certain error report. I am not strong in PHP so i am looking for some wisdom here.

heres the sample of script.

It listen to user activity and by UserID sets time stamp in DB telling us that user is active.

<?php
header('Access-Control-Allow-Origin: *');

$db = "xxx";//Your database name
$dbu = "xxx";//Your database username
$dbp = "xxx";//Your database users' password
$host = "xxx";//MySQL server - usually localhost

$link = mysqli_connect($host,$dbu,$dbp,$db);

if (!$link) {
    die(file_put_contents('error.dat', "activity connect db link fail: \n". mysqli_connect_error()));
}
//mysqli_set_charset($link, "utf8")
if (!mysqli_set_charset($link, "utf8")) {
    //printf("Error loading character set utf8: %s\n", mysqli_error($link));
    exit();
//} else {
    //printf("Current character set: %s\n", mysqli_character_set_name($link));
}

if(isset($_POST['uid'])){

     //Lightly sanitize the GET's to prevent SQL injections and possible XSS attacks
     $uid = strip_tags(mysqli_real_escape_string($link, $_POST['uid']));
     $sql = mysqli_query($link, "UPDATE ACTIVITY SET time=NOW() WHERE uid='$uid' ");

     if($sql){
    die(file_put_contents('error activity.dat', "activity $sql insert failed: \n". mysqli_connect_error()));
    }

//}else{
     //echo 'some error...';
}

mysqli_close($link);//Close off the MySQL connection to save resources.
?>

iw checked... script makes correct DB entry but it also creates error activity.dat with message: activity 1 insert failed:

Question now is... is this benign and shud i just comment that so it wont create any more error files or script needs some fixing?

Thank you!

Upvotes: 0

Views: 172

Answers (1)

Kosar Latif
Kosar Latif

Reputation: 116

Its working according to your code:

if($sql){
    die(file_put_contents('error activity.dat', "activity $sql insert failed: \n". mysqli_connect_error()));
}

Which means if $sql is true then put error message in activity.dat

Make it like this

if(!$sql){
    die(file_put_contents('error activity.dat', "activity $sql insert failed: \n". mysqli_connect_error()));
}

Which means if $sql is not true then put error message in activity.dat

Upvotes: 1

Related Questions