0

We are trying to create a login screen for a WordPress website. I think the way to connect to the database is good. The code also seems to be good, we have a layout where someone types the username and password. Those are stored in variables and then it should connect to a database.

Before the following lines of code the ?> TEST prints out TEST. However when you try to login the error 500 pops up, and no print of TEST. The error code 500 is very wide unfortunately.

We are working outside the code of WordPress in a different folder. WordPress has 3 folders on the server named wp-admin, wp-content and wp-includes. We just created a folder next to it and are trying to build it there. I'd like to find out the options why it is not working, some internet research here brought me to the wp-config. But that didn't work out for us yet. 

$connection = mysql_connect("IP", "username", "password");

?>
<HTML><BODY>TEST</BODY></HTML>
<?php

// To protect MySQL injection for Security purpose
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

// Selecting Database
$db = mysql_select_db("db_name", $connection) 
or die("no connection to database");

I can add the code of the login screen as well if its necessary, just comment if that is needed.

**** I used old functionalities of PHP and that is why it is not connecting. For WordPress do not use mysql_connect but mysqli_connect.

Improve this question
5
  • Well if problem occurs only when you try to log-in then something might be wrong right there. Could you share? EDIT : Also try to put these lines to enable error logging Commented Jan 23, 2017 at 9:02
  • 1
    you MUST NOT use mysql_xxx functions which are deprecated since php5.5 (more than 3 years ago) and removed since PHP7 because of security issues (see stackoverflow.com/q/12859942/3992945). Please use mysqli_xxx or PDO instead php.net/manual/en/mysqlinfo.api.choosing.php. Commented Jan 23, 2017 at 9:08
  • 1
    I think the way to connect to the database is good. no it is not. You are using the deprecated (removed in php7) mysql_* API. Use mysqli or better PDO and learn about prepared statements to secure your code from SQL injections!!! Now your code is vulnerable Commented Jan 23, 2017 at 9:10
  • Ok that was the answer. After pressing login TEST is printed now. Could you describe it as an answer so I can close the question? Commented Jan 23, 2017 at 9:20
  • mysql_real_escape_string does not prevent sql injection, Commented Jan 23, 2017 at 9:34

1 Answer 1

Reset to default
4

The best way to load only load the core functionality of WordPress is to use the wp-load.php.

$path = $_SERVER['DOCUMENT_ROOT'];
include_once $path . '/wp-load.php';
include_once $path . '/wp-config.php';

$db = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
// Test the connection:
if (mysqli_connect_errno()){
    // Connection Error
    exit("Couldn't connect to the database: ".mysqli_connect_error());
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.