1

I am new with pdo and php so please bear with me.

What I wanted is to create secure connection with db and get data. But as I checked there is not even db connection. When I inspect element I found this:

Failed to load resource: the server responded with a status of 500 (Internal Server Error)

I checked it and I think I know what does it mean, but I could not fix it

here my codes,

global $dbname = $_GET['dbname'];
global $table = $_GET['table'];
global $yerId= $_GET['gid'];

try {
    $db = new PDO("pgsql:dbname=$dbname;host=localhost", "postgres", "postgres" );
    $sql = $db->query ("SELECT km, turu, hat_kesimi, ili, ilcesi, mahadi FROM $table WHERE gid = $yerId ");
    while($result = $sql-> fetch(PDO_FETCH_ASSOC)  ) {
        printf ('<table><thead><tr><th  colspan="4" align="left" >TCDD 3.BOLGE MUDURLUGU <img src="tcdd.png" align="right" width="92px" /></th></tr><tr><th  colspan="4">Hemzemin Gecitler ve Ozellikeri</th></tr></thead><tbody><tr><th>Kilometre</th><td colspan="3">%s</td></tr><tr><th>Turu</th><td colspan="3">%s</td></tr><tr><th>Hat Kesimi</th><td colspan="3">%s</td></tr><tr><th>Sehir</th><td colspan="3">%s</td></tr><tr><th>Ilce</th><td colspan="3">%s</td></tr><tr><th>Mahalle</th><td colspan="3">%s</td></tr><tr><th colspan="4" > copyright © all rights reserved by Piri Reis Bilisim  </th></tr></tbody></table>', $result["km"],$result["turu"], $result["hat_kesimi"], $result["ili"], $result["ilcesi"],$result["mahadi"]);        
    }

    $dbh = null;
}
catch(PDOException $e)
{
    echo $e->getMessage();
}
Improve this question
4
  • 1
    why are you getting your database credentials using $_GET Are your appending all of your credentials to your url .. it is not a good practice plus a security breach too Commented Sep 22, 2014 at 12:05
  • If you encounter 500 errors check the error log of your webserver. There usually is a clear error message detailing what's wrong. Commented Sep 22, 2014 at 12:06
  • first gerald, now I am not getting that error but what i want does not happen, codes does work with no error second @justrohu , i have to use get method Commented Sep 22, 2014 at 12:15
  • I would suggest to hash the $_GET values by using base64_encode just to be secure. Commented Sep 22, 2014 at 12:18

1 Answer 1

Reset to default
1

When I run your code through PHP -l I get the following errormessage:

PHP Parse error: syntax error, unexpected '=', expecting ',' or ';' in test.php on line 2 Errors parsing test.php

Just remove the global keyword here, it's wrong:

$dbname = $_GET['dbname'];
$table = $_GET['table'];
$yerId= $_GET['gid'];
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

thank you a lot, at least the css and html loaded when I removed global. but the data which will come from databese cannot be reached

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.