Can anyone tell me why the following code is giving me an error page 500. And also how, can I correct it.
mysql_connect("xxx", "xxx", "xxx") or die(mysql_error());
mysql_select_db("xxx") or die(mysql_error());
$sql = "INSERT INTO oc2_ads (id_user, id_category)
VALUES ('$id_user', '$id_category')";
mysql_query($sql);
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
Thank you
You cannot mix database API's. You start with older mysql_* functions and then move to some OOP version API (either MySQLi or PDO). If you want to use the older API all the way through you would do this:
mysql_connect("xxx", "xxx", "xxx") or die(mysql_error());
mysql_select_db("xxx") or die(mysql_error());
$sql = "INSERT INTO oc2_ads (id_user, id_category)
VALUES ('$id_user', '$id_category')";
$result = mysql_query($sql);
if ($result === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . mysql_error();
}
Your script is at risk for SQL Injection Attacks.
Please stop using mysql_* functions. These extensions have been removed in PHP 7. Learn about prepared statements for PDO and MySQLi and consider using PDO, it's really pretty easy.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments