mysqli_real_escape_string () ожидает, что параметр 1 будет mysqli

Вот мой полный код ….

connect.php

• Уникальный формальный токен отключает многозадачность для пользователя
• Doctrine QueryBuilder удалить с помощью соединений
• Каковы наилучшие методы шифрования паролей, хранящихся в MySql, с использованием PhP?
• Каково максимальное количество подключений cURL?
• Хорошее программное обеспечение для анализа / статистики с открытым исходным кодом на PHP?

$connect = @mysql_connect ($host, $username, $password, $db_name) or die ('error'); $select = @mysql_select_db($db_name, $connect) or die('check'); 

пароль .php

 //forgot password update include('C:\wamp\www\header.html'); //check if form has been submitted include('C:\wamp\www\connect.php'); //connecting to db $errors = array(); if(isset($_POST['submitted'])) { if (empty($_POST['username'])) { $errors[]='Please enter a username.'; } else { $u = mysqli_real_escape_string($connect,trim($_POST['username'])); } //check for current password if (empty($_POST['password'])) { $errors[]='Current password does not match.'; } else { $p = mysqli_real_escape_string($connect,trim($_POST['password'])); } //check for a new password and match with confirm pass. if(!empty($_POST['password1'])) { if($_POST['password1'] != $_POST['cpass']) { $errors[] = 'The entered password and confirm password do not match.'; } else { $np = mysqli_real_escape_string($connect,trim($_POST['password1'])); } } if(empty($errors)){ //if everything is fine. //verify the entered email address and password. $q="SELECT username FROM users WHERE (username='$u' AND password=SHA1('$p'))"; $r=@mysqli_query($connect,$q); $num = @mysqli_num_rows($r); if($num==1) //if it matches. //get user id { $row=mysqli_fetch_array($r, MYSQLI_NUM); //udpdate query. $q="UPDATE users SET password= SHA1('$np') WHERE username=$row[0]"; $r=@mysqli_query($connect, $q); if (mysqli_affected_rows($connect) ==1) { echo '<h3>Your password has been updated.</h3>'; } else { echo '<h3>Whops! Your password cannot be changed due a system error. Try again later. Sorry</h3>'; echo '<p>' .mysqli_error($connect). 'Query:' . $q.'</p>'; } exit(); } else { //invalid email and password echo 'The entered username and password do not match.'; } } else { //report the errors. echo '<h1> Err... </h1> <p> The following error(s) have occured</p>'; foreach ($errors as $msg) { echo "--$msg<br />\n"; } echo '</p><p>Please Try Again.</p><p><br/></p>'; } mysqli_close($connect); } ?> <html> <head></head> <body> <div id="container"> <h1>Change your password</h1> <form action="password.php" method="post"> Username:<br> <input type="text" name="username" size="20" maxlength="80" /> <br> Current Password<br/> <input type="password" name="password" /> <br/> New Password<br/> <input type="password" name="password1" /> <br/> Confirm New Password<br/> <input type="password" name="cpass" /> <br/> <input type="submit" name="submit" value="Change Password"/> <input type="hidden" name="submitted" value="TRUE"/> </form> </div> <?php include('C:\wamp\www\footer.html'); ?> в //forgot password update include('C:\wamp\www\header.html'); //check if form has been submitted include('C:\wamp\www\connect.php'); //connecting to db $errors = array(); if(isset($_POST['submitted'])) { if (empty($_POST['username'])) { $errors[]='Please enter a username.'; } else { $u = mysqli_real_escape_string($connect,trim($_POST['username'])); } //check for current password if (empty($_POST['password'])) { $errors[]='Current password does not match.'; } else { $p = mysqli_real_escape_string($connect,trim($_POST['password'])); } //check for a new password and match with confirm pass. if(!empty($_POST['password1'])) { if($_POST['password1'] != $_POST['cpass']) { $errors[] = 'The entered password and confirm password do not match.'; } else { $np = mysqli_real_escape_string($connect,trim($_POST['password1'])); } } if(empty($errors)){ //if everything is fine. //verify the entered email address and password. $q="SELECT username FROM users WHERE (username='$u' AND password=SHA1('$p'))"; $r=@mysqli_query($connect,$q); $num = @mysqli_num_rows($r); if($num==1) //if it matches. //get user id { $row=mysqli_fetch_array($r, MYSQLI_NUM); //udpdate query. $q="UPDATE users SET password= SHA1('$np') WHERE username=$row[0]"; $r=@mysqli_query($connect, $q); if (mysqli_affected_rows($connect) ==1) { echo '<h3>Your password has been updated.</h3>'; } else { echo '<h3>Whops! Your password cannot be changed due a system error. Try again later. Sorry</h3>'; echo '<p>' .mysqli_error($connect). 'Query:' . $q.'</p>'; } exit(); } else { //invalid email and password echo 'The entered username and password do not match.'; } } else { //report the errors. echo '<h1> Err... </h1> <p> The following error(s) have occured</p>'; foreach ($errors as $msg) { echo "--$msg<br />\n"; } echo '</p><p>Please Try Again.</p><p><br/></p>'; } mysqli_close($connect); } ?> <html> <head></head> <body> <div id="container"> <h1>Change your password</h1> <form action="password.php" method="post"> Username:<br> <input type="text" name="username" size="20" maxlength="80" /> <br> Current Password<br/> <input type="password" name="password" /> <br/> New Password<br/> <input type="password" name="password1" /> <br/> Confirm New Password<br/> <input type="password" name="cpass" /> <br/> <input type="submit" name="submit" value="Change Password"/> <input type="hidden" name="submitted" value="TRUE"/> </form> </div> <?php include('C:\wamp\www\footer.html'); ?> в //forgot password update include('C:\wamp\www\header.html'); //check if form has been submitted include('C:\wamp\www\connect.php'); //connecting to db $errors = array(); if(isset($_POST['submitted'])) { if (empty($_POST['username'])) { $errors[]='Please enter a username.'; } else { $u = mysqli_real_escape_string($connect,trim($_POST['username'])); } //check for current password if (empty($_POST['password'])) { $errors[]='Current password does not match.'; } else { $p = mysqli_real_escape_string($connect,trim($_POST['password'])); } //check for a new password and match with confirm pass. if(!empty($_POST['password1'])) { if($_POST['password1'] != $_POST['cpass']) { $errors[] = 'The entered password and confirm password do not match.'; } else { $np = mysqli_real_escape_string($connect,trim($_POST['password1'])); } } if(empty($errors)){ //if everything is fine. //verify the entered email address and password. $q="SELECT username FROM users WHERE (username='$u' AND password=SHA1('$p'))"; $r=@mysqli_query($connect,$q); $num = @mysqli_num_rows($r); if($num==1) //if it matches. //get user id { $row=mysqli_fetch_array($r, MYSQLI_NUM); //udpdate query. $q="UPDATE users SET password= SHA1('$np') WHERE username=$row[0]"; $r=@mysqli_query($connect, $q); if (mysqli_affected_rows($connect) ==1) { echo '<h3>Your password has been updated.</h3>'; } else { echo '<h3>Whops! Your password cannot be changed due a system error. Try again later. Sorry</h3>'; echo '<p>' .mysqli_error($connect). 'Query:' . $q.'</p>'; } exit(); } else { //invalid email and password echo 'The entered username and password do not match.'; } } else { //report the errors. echo '<h1> Err... </h1> <p> The following error(s) have occured</p>'; foreach ($errors as $msg) { echo "--$msg<br />\n"; } echo '</p><p>Please Try Again.</p><p><br/></p>'; } mysqli_close($connect); } ?> <html> <head></head> <body> <div id="container"> <h1>Change your password</h1> <form action="password.php" method="post"> Username:<br> <input type="text" name="username" size="20" maxlength="80" /> <br> Current Password<br/> <input type="password" name="password" /> <br/> New Password<br/> <input type="password" name="password1" /> <br/> Confirm New Password<br/> <input type="password" name="cpass" /> <br/> <input type="submit" name="submit" value="Change Password"/> <input type="hidden" name="submitted" value="TRUE"/> </form> </div> <?php include('C:\wamp\www\footer.html'); ?> К //forgot password update include('C:\wamp\www\header.html'); //check if form has been submitted include('C:\wamp\www\connect.php'); //connecting to db $errors = array(); if(isset($_POST['submitted'])) { if (empty($_POST['username'])) { $errors[]='Please enter a username.'; } else { $u = mysqli_real_escape_string($connect,trim($_POST['username'])); } //check for current password if (empty($_POST['password'])) { $errors[]='Current password does not match.'; } else { $p = mysqli_real_escape_string($connect,trim($_POST['password'])); } //check for a new password and match with confirm pass. if(!empty($_POST['password1'])) { if($_POST['password1'] != $_POST['cpass']) { $errors[] = 'The entered password and confirm password do not match.'; } else { $np = mysqli_real_escape_string($connect,trim($_POST['password1'])); } } if(empty($errors)){ //if everything is fine. //verify the entered email address and password. $q="SELECT username FROM users WHERE (username='$u' AND password=SHA1('$p'))"; $r=@mysqli_query($connect,$q); $num = @mysqli_num_rows($r); if($num==1) //if it matches. //get user id { $row=mysqli_fetch_array($r, MYSQLI_NUM); //udpdate query. $q="UPDATE users SET password= SHA1('$np') WHERE username=$row[0]"; $r=@mysqli_query($connect, $q); if (mysqli_affected_rows($connect) ==1) { echo '<h3>Your password has been updated.</h3>'; } else { echo '<h3>Whops! Your password cannot be changed due a system error. Try again later. Sorry</h3>'; echo '<p>' .mysqli_error($connect). 'Query:' . $q.'</p>'; } exit(); } else { //invalid email and password echo 'The entered username and password do not match.'; } } else { //report the errors. echo '<h1> Err... </h1> <p> The following error(s) have occured</p>'; foreach ($errors as $msg) { echo "--$msg<br />\n"; } echo '</p><p>Please Try Again.</p><p><br/></p>'; } mysqli_close($connect); } ?> <html> <head></head> <body> <div id="container"> <h1>Change your password</h1> <form action="password.php" method="post"> Username:<br> <input type="text" name="username" size="20" maxlength="80" /> <br> Current Password<br/> <input type="password" name="password" /> <br/> New Password<br/> <input type="password" name="password1" /> <br/> Confirm New Password<br/> <input type="password" name="cpass" /> <br/> <input type="submit" name="submit" value="Change Password"/> <input type="hidden" name="submitted" value="TRUE"/> </form> </div> <?php include('C:\wamp\www\footer.html'); ?> в //forgot password update include('C:\wamp\www\header.html'); //check if form has been submitted include('C:\wamp\www\connect.php'); //connecting to db $errors = array(); if(isset($_POST['submitted'])) { if (empty($_POST['username'])) { $errors[]='Please enter a username.'; } else { $u = mysqli_real_escape_string($connect,trim($_POST['username'])); } //check for current password if (empty($_POST['password'])) { $errors[]='Current password does not match.'; } else { $p = mysqli_real_escape_string($connect,trim($_POST['password'])); } //check for a new password and match with confirm pass. if(!empty($_POST['password1'])) { if($_POST['password1'] != $_POST['cpass']) { $errors[] = 'The entered password and confirm password do not match.'; } else { $np = mysqli_real_escape_string($connect,trim($_POST['password1'])); } } if(empty($errors)){ //if everything is fine. //verify the entered email address and password. $q="SELECT username FROM users WHERE (username='$u' AND password=SHA1('$p'))"; $r=@mysqli_query($connect,$q); $num = @mysqli_num_rows($r); if($num==1) //if it matches. //get user id { $row=mysqli_fetch_array($r, MYSQLI_NUM); //udpdate query. $q="UPDATE users SET password= SHA1('$np') WHERE username=$row[0]"; $r=@mysqli_query($connect, $q); if (mysqli_affected_rows($connect) ==1) { echo '<h3>Your password has been updated.</h3>'; } else { echo '<h3>Whops! Your password cannot be changed due a system error. Try again later. Sorry</h3>'; echo '<p>' .mysqli_error($connect). 'Query:' . $q.'</p>'; } exit(); } else { //invalid email and password echo 'The entered username and password do not match.'; } } else { //report the errors. echo '<h1> Err... </h1> <p> The following error(s) have occured</p>'; foreach ($errors as $msg) { echo "--$msg<br />\n"; } echo '</p><p>Please Try Again.</p><p><br/></p>'; } mysqli_close($connect); } ?> <html> <head></head> <body> <div id="container"> <h1>Change your password</h1> <form action="password.php" method="post"> Username:<br> <input type="text" name="username" size="20" maxlength="80" /> <br> Current Password<br/> <input type="password" name="password" /> <br/> New Password<br/> <input type="password" name="password1" /> <br/> Confirm New Password<br/> <input type="password" name="cpass" /> <br/> <input type="submit" name="submit" value="Change Password"/> <input type="hidden" name="submitted" value="TRUE"/> </form> </div> <?php include('C:\wamp\www\footer.html'); ?>