Application based "FATAL Error" Message if executed from application folder

PHP
1

Hi,

This is part of academic testing. I have got a php file: functions.php. The code is given below:

<?php

  //require_once('html_functions2.php');

  $dbhost  = '127.0.0.1';
  $dbname  = 'CS4331-TOY-APPLICATION';
  $dbuser  = 'root';
  $dbpass  = 'test';

  $connection = new mysqli($dbhost, $dbuser, $dbpass, $dbname);

  if ($connection->connect_error) {
    die("Fatal Error");
  }
  else
   echo 'Connected successfully';

  function queryMysql($query)
  {
    global $connection;
    $result = $connection->query($query);
    if (!$result) {
      die("Fatal Error");
    }
    return $result;
  }

  function destroySession()
  {
    $_SESSION = array();

    if (session_id() != "" || isset($_COOKIE[session_name()]))
      setcookie(session_name(), '', time()-2592000, '/');

    session_destroy();
  }

  function checkIfLoggedIn()
  {
    $loggedin = FALSE;

    if (isset($_SESSION['user']))
      $loggedin = TRUE;

    return $loggedin;
  }

  function checkIfAdmin()
  {
    $isadmin = FALSE;

    if (isset($_SESSION['is_admin']) && $_SESSION['is_admin'] == 1)
      $isadmin = TRUE;

    return $isadmin;
  }

  function _make_url_clickable_cb($matches) {
	$ret = '';
	$url = $matches[2];

	if ( empty($url) )
		return $matches[0];
	if ( in_array(substr($url, -1), array('.', ',', ';', ':')) === true ) {
		$ret = substr($url, -1);
		$url = substr($url, 0, strlen($url)-1);
	}
	return $matches[1] . "<a href=\"$url\" rel=\"nofollow\">$url</a>" . $ret;
}

function _make_web_ftp_clickable_cb($matches) {
	$ret = '';
	$dest = $matches[2];
	$dest = 'http://' . $dest;

	if ( empty($dest) )
		return $matches[0];
	if ( in_array(substr($dest, -1), array('.', ',', ';', ':')) === true ) {
		$ret = substr($dest, -1);
		$dest = substr($dest, 0, strlen($dest)-1);
	}
	return $matches[1] . "<a href=\"$dest\" rel=\"nofollow\">$dest</a>" . $ret;
}

function _make_email_clickable_cb($matches) {
	$email = $matches[2] . '@' . $matches[3];
	return $matches[1] . "<a href=\"mailto:$email\">$email</a>";
}

function make_clickable($ret) {
	$ret = ' ' . $ret;

  $ret = preg_replace_callback('#([\s>])([\w]+?://[\w\\x80-\\xff\#$%&~/.\-;:=,?@\[\]+]*)#is', '_make_url_clickable_cb', $ret);
	$ret = preg_replace_callback('#([\s>])((www|ftp)\.[\w\\x80-\\xff\#$%&~/.\-;:=,?@\[\]+]*)#is', '_make_web_ftp_clickable_cb', $ret);
	$ret = preg_replace_callback('#([\s>])([.0-9a-z_+-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,})#i', '_make_email_clickable_cb', $ret);

	$ret = preg_replace("#(<a( [^>]+?>|>))<a [^>]+?>([^>]+?)</a></a>#i", "$1$3</a>", $ret);
	$ret = trim($ret);
	return $ret;
}

The code does not have terminating “?>” which are part of Php syntax. I have to run it from a folder:

CST.

If I use the link:

http://localhost/CST/functions.php

I am getting the message:

Fatal Error, because it does not recognize password.

My nginx server message is:

2019/11/14 15:01:42 [error] 1150#1150: *30 FastCGI sent in stderr: “PHP message: PHP Warning: mysqli::__construct(): (HY000/1045): Access denied for user ‘root’@‘localhost’ (using password: NO) in /var/www/html/CST/functions.php on line 10” while reading response header from upstream, client: 127.0.0.1, server: _, request: “GET /CST/functions.php HTTP/1.1”, upstream: “fastcgi://unix:/var/run/php/php7.2-fpm.sock:”, host: “localhost”

CST folder also contains CSS and images folder.

However, when I am invoking it in a normal style like:

http://localhost/functions.php

I am getting the message “Connected successfully”

The reason might be the password problem. Why its not recognizing the password when functions.php invoked from the application folder.

Somebody please guide me.

Zulfi.

2

Hi,
I have a feeling that the server is not using the modified version of files in the application. I mean that some how when I am making edits, these are not working. Because initially it to test there was no value for the password, i put the word “test”. Now I found that there are two fatal error messages. I changed first one to “Fatal Error1” and the second one to “Fatal Error2” but still I am getting the same error message.

Is this possible that we make edits but the server uses the old files.

Some body please guide me.

Zulfi.

3

Hi database name is correct:

mysql> show databases;
±-----------------------+
| Database |
±-----------------------+
| information_schema |
| CS4331-TOY-APPLICATION |
| mysql |
| performance_schema |
| phpmyadmin |
| sys |
| test |
±-----------------------+
7 rows in set (0.00 sec)

mysql>

Zulfi.

4

Hi,

I found that current information is also correct.
mysql> SELECT CURRENT_USER();
±---------------+
| CURRENT_USER() |
±---------------+
| root@localhost |
±---------------+
1 row in set (0.00 sec)

mysql>

Some body please guide me.

Zulfi.

5

and

Seem strange to me, and suggests that you have the file in both directories. If it wasn’t in both directories, surely it would fail to find one of those links and give a 404 error? That in turn suggests that the one in the CST directory is the old version that doesn’t have the password text.

6

I noticed your error message mentions FastCGI. Apparently, it’s a bad idea to use FastCGI during development. Here’s a quote from the linked page:

Errors and troubleshooting

Bad scripts won’t return an error immediately; you must wait a couple of minutes for the script to time out. If the script is on a web page, the page appears to hang – and even when the script times out, the actual error message might not be logged and you may only see a 500 error. This means that testing under FastCGI is rather impractical. Development should be done with standard CGI, or on your local computer. FastCGI should be added after the script has already been debugged.

Can you turn off FastCGI and try again?

7

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.