I have index.php, which has a form fetching user details. When the form is submitted, it fires the data to a new page, program.php, for validation. In program.php I've linked db.php, in which I've the connection to the database. The code of db.php is given below:
    <?php
    $link=mysql_connect('localhost', 'root', '') or die ("mysql_connect_error()");
    $dbselect=mysql_select_db('test',$link) or die ("error while connecting database");
    ?>

Since SQL injections are possible using this way, I tried changing the code as given below:
    <?php
    $hostname='localhost';
    $username='root';
    $password='';
    try {
        $dbh = new PDO("mysql:host=$hostname;dbname=test",$username,$password);
        $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // <== add this line
        $dbh = null;
    }
    catch(PDOException $e)
    {
        echo $e->getMessage();
    }
    ?>

But I am getting an error when I connect and submit the form. Inside program.php I have called db.php with include "db.php";. Since I am new to PDO, I am not sure what is going wrong.
Updated program.php code:
    <?php
    if($_POST)
    {
        include "link_db.php";
        if ($_POST[admin_sign_up])
        {
            $fname=$_POST[fname];
            $lname=$_POST[lname];
            $id =$_POST[id];
            $id_pass=$_POST[id_pass];
            $sql="insert into admin_database(fname, lname, id, id_pass) value ('$fname','$lname','$id','$id_pass')";
            mysql_query($sql);
            $error=mysql_error();
            if(empty($error))
            {
                echo "<script>alert('registration successful...')</script>";
                header("location:index.php",true);
            }
            else
            {
                echo "registration failed...<br> email id in use<br>";
                echo "<a href='failed.php'>click signup again</a>";
            }
        }
        if ($_POST[admin_login])
        {
            $id =$_POST[id];
            $id_pass=$_POST[id_pass];
            $sql="select * from admin_database where id = '$id' and id_pass= '$id_pass'";
            $result=mysql_query($sql);
            echo mysql_error();
            $row=mysql_fetch_array($result);
            $rowcnt=mysql_num_rows($result);
            if($rowcnt==1)
            {
                session_start();
                $_SESSION['id']=$id;
                $_SESSION['fname']=$row['fname'];
                $_SESSION['lname']=$row['lname'];
                $_SESSION['varn']="y";
                echo "login successfully....";
                header("location:home.php",true);
            }
            else
            {
                $id =$_POST[id];
                $id_pass=$_POST[id_pass];
                $sql="insert into adminfailure(id, id_pass, date_time) value ('$id','$id_pass',now())";
                mysql_query($sql);
                $error=mysql_error();
                if(empty($error))
                {
                    echo "invalid login id or password....";
                    header("location:fail.php",true);
                }
                else
                {
                    echo "incorrect details";
                }
            }
        }
        if ($_POST[logout])
        {
            header("location:destroy.php",true);
        }
    }
    ?>

Updated errors I get:
    Notice: Use of undefined constant test_sign_up - assumed 'test_sign_up' in b:\xampp\htdocs\test\program.php on line 6
    Notice: Undefined index: test_sign_up in b:\xampp\htdocs\test\program.php on line 6
    Notice: Use of undefined constant test_login - assumed 'test_login' in b:\xampp\htdocs\test\program.php on line 32
    Notice: Use of undefined constant id - assumed 'id' in b:\xampp\htdocs\test\program.php on line 35
    Notice: Use of undefined constant id_pass - assumed 'id_pass' in b:\xampp\htdocs\test\program.php on line 36
    No database selected
    Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in b:\xampp\htdocs\test\program.php on line 41
    Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in b:\xampp\htdocs\test\program.php on line 42
    Notice: Use of undefined constant id - assumed 'id' in b:\xampp\htdocs\test\program.php on line 56
    Notice: Use of undefined constant id_pass - assumed 'id_pass' in b:\xampp\htdocs\test\program.php on line 57
    incorrect details
    Notice: Use of undefined constant logout - assumed 'logout' in b:\xampp\htdocs\test\program.php on line 73
    Notice: Undefined index: logout in b:\xampp\htdocs\test\program.php on line 73
In your code, you first create a connection to the database, then set it to null.
Whenever you try to access the $dbh object after that, it will be null.
    $dbh = new PDO("mysql:host=$hostname;dbname=test",$username,$password);
    $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $dbh = null; // <= right here.

Remove the $dbh = null; line, and you should be able to use the object as intended.
The $dbh object is not a "link" as in the mysql_* code; it is an object that you use to call the database, not the same object that you use in mysql_* calls.
I.e., you cannot use your earlier mysql_* code and pass the PDO object to the calls instead of the mysql link.
The code will differ a bit from the earlier code.
Example:
    // Earlier code using the `mysql_*` API:
    $sql="select * from admin_database where id = '$id' and id_pass= '$id_pass'";
    $result=mysql_query($sql);
    $row=mysql_fetch_array($result);

    // Using PDO:
    $statement = $dbh->prepare('select * from admin_database where id = :id and id_pass = :idpass');
    // Here you can either use the bindParam method, or pass the params right in the execute call:
    $statement->execute(array('id' => $id, 'idpass' => $id_pass));
    $row = $statement->fetch();

I'd recommend reading up on PDO in the docs if you have issues converting the code.
Further recommendations:
When including a file like this, one that you want included only once per script run, it is a good idea to make sure it is included only once. This can be done using the include_once keyword instead of include. Now, if you use include, it will include the script if possible; if it can't, it will keep running the script, and the script will crash when you try to use the variables set in the file.
Instead of using include in this case, I recommend using the require (or rather require_once) keyword. It will include the file, and if it can't, it will stop execution of the script and display an error message (if you have error reporting on).
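
The conversion the answer describes, applied to the question's sign-up and login queries, as an added example that is not part of the original post. The table and column names come from the question; the helper names (connect, signUp, login), the sample row, the primary key on id and the in-memory SQLite DSN (used so the script runs without a MySQL server) are assumptions.

```php
<?php
// Added example (not the poster's code). SQLite in memory is an assumption so this
// runs offline; for the question's setup use "mysql:host=localhost;dbname=test".
function connect(): PDO
{
    $dbh = new PDO('sqlite::memory:');
    $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    return $dbh; // return the live object; never set it to null before use
}

function signUp(PDO $dbh, string $fname, string $lname, string $id, string $idPass): bool
{
    $stmt = $dbh->prepare(
        'INSERT INTO admin_database (fname, lname, id, id_pass)
         VALUES (:fname, :lname, :id, :id_pass)'
    );
    try {
        return $stmt->execute([
            ':fname' => $fname, ':lname' => $lname, ':id' => $id, ':id_pass' => $idPass,
        ]);
    } catch (PDOException $e) {
        return false; // e.g. the id is already registered (primary key violation)
    }
}

function login(PDO $dbh, string $id, string $idPass): ?array
{
    $stmt = $dbh->prepare(
        'SELECT fname, lname FROM admin_database WHERE id = :id AND id_pass = :id_pass'
    );
    $stmt->execute([':id' => $id, ':id_pass' => $idPass]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row; // null means no matching row
}

$dbh = connect();
$dbh->exec('CREATE TABLE admin_database (fname TEXT, lname TEXT, id TEXT PRIMARY KEY, id_pass TEXT)');

// Constructed sample input. The apostrophes would break the string-built queries
// in the question; bound parameters carry them as plain data.
$id = "pat.o'brien@example.com";
var_dump(signUp($dbh, 'Pat', "O'Brien", $id, 'constructed-password'));
var_dump(signUp($dbh, 'Pat', "O'Brien", $id, 'constructed-password')); // duplicate id
var_dump(login($dbh, $id, 'constructed-password'));
var_dump(login($dbh, $id, 'wrong-password'));
```

The question stores id_pass in plain text and this example leaves that as is; PHP's password_hash() and password_verify() are the built-in functions for storing and checking it as a hash.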