The database doesn't input anything


#1
I am using this code to connect to the database and that works but when I check the database it doesn't input anything. I'm pretty sure everything is right, the host, username, password, and database names are all correct but it's still not working or giving me an error code. It's just a blank page with connection successful. I'm trying to input a boolean value into my database.

write_data.php code:

<?php

    // Connect to your database

    $dbconnect = mysqli_connect("inkndiode.ml","epiz_22606208","0fhmtmz9Byz");
    $dbselect = mysqli_select_db($dbconnect,"epiz_22606208_ti1");

    // Prepare the SQL statement
    $sql = "INSERT INTO epiz_22606208_ti1.sensor (value) VALUES ('".$_GET["value"]."')";   
    ('".$_GET["temp"]."','".$_GET["humid"]."','".$_GET["soilmoi"]."')";  
    // Execute SQL statement

    mysqli_query($dbconnect,$sql);

?>


------------------------------------------------------------------------------------------------

get_data.php:

<?php
$url=$_SERVER['REQUEST_URI'];
header("Refresh: 5; URL=$url");  // Refresh the webpage every 5 seconds
?>
    Sensor data
   
       

PMS sensor readings

   
     
           
           
           
     
     
<?php
    // Connect to database

   // IMPORTANT: If you are using XAMPP you will have to enter your computer IP address here, if you are using webpage enter webpage address (ie. "www.yourwebpage.com")
    $con=mysqli_connect("inkndiode.ml","epiz_22606208","0fhmtmz9Byz","epiz_22606208_ti1");
      
    // Retrieve all records and display them  
    $result = mysqli_query($con,'SELECT * FROM sensor ORDER BY id DESC');
     
    // Process every record
   
    while($row = mysqli_fetch_array($result))
    {     
        echo "
";
        echo "
";
        echo "
";
        echo "
";
        echo "
";
       
    }
       
    // Close the connection  
    mysqli_close($con);
?>
   
ID Timestamp Value
" . $row['id'] . " " . $row['time'] . " " . $row['value'] . "
   


#2

The mysqli_connect()'s host parameter should be like sql101.epizy.com (can be found at control panel > MySQL Databases).

Also, please change your password, given if the one you’ve wrote up there is real


#3
First of all, NEVER EVER SHARE YOUR PASSWORD WITH ANYONE. So especially don't publish it on a publicly accessible forum. I've forcefully reset your database password. Feel free to change it again, but don't reuse this password, as it has now been compromised.

Secondly, you're passing URL input data into the query without any validation or sanitation. This is a massive security flaw which exposes your software to SQL Injection Attacks. You could either validate or sanitize the input data, but it's even better to use prepared statements / parameterized queries to separate the SQL from the data.

Thirdly, the documentation in your code is misleading. It says "enter webpage address", which is not true. The code should connect to the database, not the website, so it should have the address of the database, not the one of your website. With many servers, this is the same, but with our hosting, the database hostname is different. You can find the database hostname to use in your control panel.

Fourthly, even though the page doesn't show a message, that doesn't mean there is one. Since the database hostname is not correct, I would expect the code to crash. However, our servers don't show error messages by default, you need to enable that yourself through the Alter PHP Config section.

And finally, when using MySQLi, your own code needs to check for any errors with the database. That means that, after doing a database call (like executing a query or setting up a connection), you need to check mysqli_connect_error and mysqli_error yourself to see if everything went well, and handle any errors accordingly.