Php app, request to search database returns white screen

Hosting Support
1

Website URL

http://bioactive-knapsack.infinityfreeapp.com/controller.php

Error Message

white screen in the Firefox Network/Response tab

Other Information

screenshot:

image
image1866×877 150 KB

My model.php that I refactored to try to get working on infinity:

<?php
// Include the database connection file
require_once('connection.php');

//error reports
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);


// Function to handle encoding with detection
function mb_convert_encoding_with_detection($value) {
    $detected_encoding = mb_detect_encoding($value, "UTF-8, EUC-JP, Shift-JIS", true);
    return $detected_encoding ? mb_convert_encoding($value, "UTF-8", $detected_encoding) : $value;
}

function search_tables($searchterm) {
    $out = array();
    $sql = "SHOW TABLES";
    $res = mysqli_query(Db::$conn, $sql);

    if (!$res) {
        die("Error fetching tables: " . mysqli_error(Db::$conn));
    }

    while ($table_arr = mysqli_fetch_array($res)) {
        $table = $table_arr[0];
        $sql_search_fields = array();
        
        $sql_columns = "SHOW COLUMNS FROM " . $table;
        $res_columns = mysqli_query(Db::$conn, $sql_columns);

        if (!$res_columns) {
            die("Error fetching columns: " . mysqli_error(Db::$conn));
        }

        while ($col_info = mysqli_fetch_assoc($res_columns)) {
            $col_name = $col_info['Field'];
            $sql_search_fields[] = "`$col_name` LIKE '%" . mysqli_real_escape_string(Db::$conn, $searchterm) . "%'";
        }
        mysqli_free_result($res_columns); // Free the result set

        if (!empty($sql_search_fields)) {
            $sql_search_query = "SELECT * FROM `$table` WHERE " . implode(" OR ", $sql_search_fields);
            $res_search = mysqli_query(Db::$conn, $sql_search_query);

            if (!$res_search) {
                die("Error performing search query: " . mysqli_error(Db::$conn));
            }

            while ($row = mysqli_fetch_assoc($res_search)) {
                $next_row = array();
                foreach ($row as $key => $value) {
                    // Convert encoding if not null
                    $next_row[$key] = $value !== null ? mb_convert_encoding_with_detection($value) : null;
                }
                $out[] = $next_row;
            }
            mysqli_free_result($res_search); // Free the result set
        }
    }
    mysqli_free_result($res); // Free the main result set
    return $out;
}

////////////////////////////////////////////////////////////////////////////
function edit_profile($prof_arr)
{
    $oldname = $prof_arr[0];
    $newname = $prof_arr[1];
    $oldpass = $prof_arr[2];
    $newpass = $prof_arr[3];
    $oldemail = $prof_arr[4];
    $newemail = $prof_arr[5];

    $updated_prof = ['name'=>$oldname, 'password'=>$oldpass, 'email'=>$oldemail];

    //name, pass, email
    if ($newname != "") {
        $sql = "UPDATE Users SET Username = '$newname' WHERE Username = '$oldname'";
        $result = mysqli_query(Db::$conn, $sql);
        if ($result == false) {
            $updated_prof['name'] = 'Error Name update';
        }
        else{//mysql success
            $oldname = $newname;
            //add to array
            $updated_prof['name'] = $newname;
        }
    } //if Username changed must find new Username

    if ($newpass != "") {
        $sql = "UPDATE Users SET Password = '$newpass' WHERE Username = '$oldname'";
        $result = mysqli_query(Db::$conn, $sql);
        if ($result == false) {
            $updated_prof['password'] = 'Error Password update';
        }
        else{
            $oldpass = $newpass;
            $updated_prof['password'] = $newpass;
        }
    }


    if ($newemail != "") {
        $sql = "UPDATE Users SET Email = '$newemail' WHERE Username = '$oldname'";
        $result = mysqli_query(Db::$conn, $sql);
        if ($result == true) {
            $updated_prof['email'] = 'Error Email update';
        }
        else{
            $oldemail = $newemail;
            $updated_prof['email'] = $newemail;
        }
    }

    return $updated_prof;
}


///////////////////////////////////////////////////////////////////////
//https://stackoverflow.com/a/14290878/13865853
function search_disease($disease_option){
    // search DB for substring of question
    // add results to an array of strings
    // return array of strings or empty array
    
    $user_id = -1;
    $matches_arr = array();
    $sql = "SELECT * FROM diseases WHERE disease LIKE '%" . mysqli_real_escape_string(Db::$conn, $disease_option) . "%'";

    $result = mysqli_query(Db::$conn, $sql);
    if (mysqli_num_rows($result) > 0) {
        while($row = mysqli_fetch_assoc($result)){
            $next_row = array(
                "Disease" => mb_convert_encoding_with_detection($row['disease']),
                "Food" => mb_convert_encoding_with_detection($row['food']),
                "Name" => mb_convert_encoding_with_detection($row['en_name']),
                "Health Benefits" => mb_convert_encoding_with_detection($row['healthEffect']),
                "Metabollite" => mb_convert_encoding_with_detection($row['metabollite'])
                // "Citation" => mb_convert_encoding_with_detection($row['citation']) if you need to include citations
            );
            $matches_arr[] = $next_row;
        }
    }
    $_SESSION['disease-matches-arr'] = $matches_arr;
    return $matches_arr;
}


function search_food($food_option){
    // search DB for substring of question
    //add results to an array of strings
    //return array of strings or empty array
    //
    $user_id = -1;
    $matches_arr = array();
    $sql = "SELECT * FROM lunchbox
    WHERE species LIKE '%$food_option%'";

    $result = mysqli_query(Db::$conn, $sql);
    if (mysqli_num_rows($result) > 0) {
        //iterate
        while($row = mysqli_fetch_assoc($result)){
            //get username
            $kingdom = mb_convert_encoding($row['kingdom'], "UTF-8", "auto");
            $species = mb_convert_encoding($row['species'], "UTF-8", "auto");
            $summary = mb_convert_encoding($row['summary'], "UTF-8", "auto");
            $how_to_eat = mb_convert_encoding($row['edible'], "UTF-8", "auto");
            $medicinal  = mb_convert_encoding($row['medicinalUsage'], "UTF-8", "auto");
            $health_benefits = mb_convert_encoding($row['healthBenefits'], "UTF-8", "auto");

            //$citation = $row['citation'];
            $next_row = array("kingdom"=>$kingdom, "Scientific Name"=>$species,
                "Summary"=>$summary, "How to Eat"=>$how_to_eat, "Medicinal"=>$medicinal,
                "Health Effect"=>$health_benefits);
            //"Sources"=>$citation);
            $matches_arr[] = $next_row;
        }
    }
    $_SESSION['food-matches-arr'] = $matches_arr;
    return $matches_arr;
    //https://stackoverflow.com/questions/1548159/php-how-to-send-an-array-to-another-page

}

function search_metabollite($metabollite_option){
    // search DB for substring of question
    //add results to an array of strings
    //return array of strings or empty array
    //
    $user_id = -1;
    $matches_arr = array();
    $sql = "SELECT * FROM metabollites
    WHERE metabollite LIKE '%$metabollite_option%'";

    $result = mysqli_query(Db::$conn, $sql);
    if (mysqli_num_rows($result) > 0) {
        //iterate
        while($row = mysqli_fetch_assoc($result)){
            //get username
            $metabollite = mb_convert_encoding($row['metabollite'], "UTF-8", "auto");
            $en_name = mb_convert_encoding($row['enName'], "UTF-8", "auto");
            $health_effect = mb_convert_encoding($row['healthEffect'], "UTF-8", "auto");
            $foods = mb_convert_encoding($row['foods'], "UTF-8", "auto");
            $next_row = array("metabollite"=>$metabollite, "Scientific Name"=>$en_name,
                "Health Benefits"=>$health_effect, "Foods"=>$foods);
            $matches_arr[] = $next_row;
        }
    }
    $_SESSION['metabollite-matches-arr'] = $matches_arr;
    return $matches_arr;
    //https://stackoverflow.com/questions/1548159/php-how-to-send-an-array-to-another-page

}


//////////////////////////////////////////////////////////////////////
function post_a_question($q, $username){

    $user_id = get_user_id($username);
    //user found proceed to post question in DB
    $current_date = date("Ymd");
    $sql = "INSERT INTO Questions(Question, UserId, Date)
                            VALUES('$q', '$user_id', '$current_date')";
    $result = mysqli_query(Db::$conn, $sql);
    if($result!=false){
        return true;
    }
    else{
        return false;
    }
}

//https://stackoverflow.com/a/14290878/13865853
function search_questions($search_item){
    // search DB for substring of question
    //add results to an array of strings
    //return array of strings or empty array
    //
    $user_id = -1;
    $matches_arr = array();
    $sql = "SELECT * FROM Questions
    WHERE Question LIKE '%$search_item%'";
    //todo: may have to get all results and check substring in
    //php
    $result = mysqli_query(Db::$conn, $sql);
    if (mysqli_num_rows($result) > 0) {
        //iterate
        while($row = mysqli_fetch_assoc($result)){
            //get username
            $user_id = $row['UserId'];
            $username = get_user_name($user_id);
            $next_row = array("Question"=>$row['Question'], "Username"=>$username,
                "Date"=>$row['Date']);
            $matches_arr[] = $next_row;
        }
    }
    $_SESSION['matches_arr'] = $matches_arr;
    return $matches_arr;
    //https://stackoverflow.com/questions/1548159/php-how-to-send-an-array-to-another-page

}
function get_user_info($username){
    // search database for userid of the person who wrote the question
    //not current user
    //return userid or false for failure
    //
    $user_arr = array();
    $sql = "SELECT * from Users WHERE Username='$username'";
    $result = mysqli_query(Db::$conn, $sql);
    if (mysqli_num_rows($result) > 0) {
        $row = mysqli_fetch_assoc($result);
        $user_arr['username'] = $row['Username'];
        $user_arr['password'] = $row['Password'];
        $user_arr['user_id'] = $row['Id'];
        $user_arr['email'] = $row['Email'];

        return $user_arr;
    } else
        return false;
}

function delete_user($user_id){
    $sql = "DELETE from Users WHERE Id='$user_id'";
    $res = mysqli_query(Db::$conn, $sql);
    if($res==true){
        return true;
    }
    return false;
}

function get_user_name($user_id){
    // search database for userid of the person who wrote the question
    //not current user
    //return userid or false for failure
    //
    $sql = "SELECT * from Users WHERE Id='$user_id'";
    $result = mysqli_query(Db::$conn, $sql);
    if (mysqli_num_rows($result) > 0) {
        $row = mysqli_fetch_assoc($result);
        return $row['Username'];
    } else
        return false;
}


$command = '';
$username = '';
$password = '';
if(isset($_POST['command'])){
    $command = $_POST['command'];
}
if(isset($_POST['username'])){
    $username = $_POST['username'];
}
if(isset($_POST['password'])){
    $password = $_POST['password'];
}
$email = '';
if(!empty($_POST['email'])){
    $email = $_POST['email'];
}
//Signin
//check is user exists
//for Join this should return false
//for SignIn this should return true
function user_exists($username){

    $sql = "SELECT Username, Password, Email, Id FROM Users"; //WHERE
             //Username={$username}";
    $result = mysqli_query(Db::$conn, $sql);
    //check results return true if >0
    if(mysqli_num_rows($result)>0) {
        while ($row = mysqli_fetch_assoc($result)) {
            $temp_user = $row["Username"];
            $temp_pass = $row["Password"];
            if ($username == $row["Username"]) {
                return true;
            }
        }
    }

    return false;

}
function validate_existing_user($username, $password){

    $sql = "SELECT Username, Password, Email, Id FROM Users"; //WHERE
             //Username={$username}";

    $result = mysqli_query(Db::$conn, $sql);
    $num_results = mysqli_num_rows($result);
    if($num_results>0){
        //output data of each row
        while($row = mysqli_fetch_assoc($result)){
            if(($row["Username"]==$username) && ($row["Password"]==$password)){
                //user and password found
                $_SESSION['user_id'] = $row['Id'];
                return true;
            }
        }
    }
    else{// 0 results
        return false; //results were 0
    }
    return false;
}
//password is correct
//for Signin if user_exists() returns True, run this to check that
//password is correct
function check_username(){
    $usernameErr = '';
    if(empty($_POST["username"])){
        $usernameErr = "Please enter a username";
    }
    else{
        $username = $_POST['username'];
        if(!preg_match("/^[a-zA-Z0-9_]+$/", $username)) {
            $usernameErr = "Alpha lower, upper and underscore only for username";
        }
        else{//username is ok
            $usernameErr = "ok";
        }
    }
    return $usernameErr;

}

function check_password(){
    $passwordErr = '';
    if(empty($_POST["password"])){//nothing entered
        $passwordErr= "Please enter a password";
    }
    else{//password is entered
        $password = $_POST['password'];
        if(strlen($password)<= '6'){
            $passwordErr = "Password must contain at least 8 chars";
        }
        elseif(!preg_match("#[0-9]+#", $password)){
            $passwordErr = "Password must contain at least 1 number";
        }
        elseif(!preg_match("#[A-Z]+#", $password)){
            $passwordErr = "Password must contain one capital letter";
        }
        elseif(!preg_match("#[a-z]+#", $password)){
            $passwordErr = "Password must contain one lowercase letter";
        }
        else{//everything is ok
            $passwordErr = "ok";
        }
    }
    return $passwordErr;
}

function check_email(){
    $emailErr = '';
    if(empty($_POST["email"])) {
        $emailErr = "Enter email";
    }
    else{
        $email = $_POST['email'];
        if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
            $emailErr = "Invalid email format";
        }
        else{
            $emailErr = "ok";
        }
    }
    return $emailErr;
}


//called after user_exists returns false for Join
//return true
function add_user($username, $password, $email){
    $current_date = date("Ymd");
    $sql = "INSERT INTO Users (Username, Password, Email, Date)
    VALUES ('$username', '$password', '$email', $current_date)";

    if(mysqli_query(Db::$conn, $sql)){
        return true;
    }
    else{
        echo "Error: " . $sql . "<br>" . mysqli_error(Db::$conn);
        return false;
    }

}

function get_user_id($username){
    $sql = "SELECT Username, Password, Email, Id FROM Users"; //WHERE
             //Username='$username'";

    $result = mysqli_query(Db::$conn, $sql);
    $user_id = -1;
    if(mysqli_num_rows($result)>0) {
        //output data of each row

        while ($row = mysqli_fetch_assoc($result)) {
            if ($row["Username"] == $username) {
                //user found
                $user_id = $row["Id"];
                //set here
                $_SESSION['user_id'] = $user_id;
                return $user_id;
            }
        }

    }
    return $user_id; //return -1
}
//////////////////////////////////////////////////////////////////////////////////////////
2

It’s the first function being called, search_tables, the other ones though there is a problem with displaying the Japanese font, they seem to be working.

3

Looking at the code you shared, none of the functions actually seem to be called anywhere. The only code that actually executed is the error handling settings at the top, and the code that turns the POST parameters into PHP variables. I don’t see any obvious issues with the search_tables function. But given that this function is being called from some other piece of undisclosed code, it’s entirely possible that the issue isn’t even in this function to begin with.

Please try doing a bit more debugging yourself to narrow down the issue. Is the search_tables function actually being called? What is it called with? Are the arrays of tables, columns and rows all what you would expect them to be? Is the output data being returned to the controller what you would expect? Adding some var_dump and die calls through the code can help you see what’s exactly happening where.

It’s your code. You know how it’s supposed to work and what it’s supposed to do. We’re happy to help you if you get stuck, but you can’t just dump you entire codebase on us and tell us to fix your site so you don’t have to.

5 Likes
4

I extensively tested this on my local environment and it works fine. I had to tweak my .sql file to get that uploaded and my other functions for disease, food and metabollite all work, it’s just this one function is not. Anyways, it’s just a demo app for recruiters so hopefully they won’t try everything on there.

Also, are there differences in mysql versions between your free and paid plans?
I tested locally on all the newest versions so wondering if that is the problem.

FYI, not the version posted, which is the result of “debugging” but an earlier version was getting the data but it wasn’t displaying which I don’t want to debug again since it took me a while to get that to work locally.

It is frustrating to see so many things fall apart after deploying.

5

Please note that there are always numerous minor differences between your local environment and any hosting service. Using the same PHP version is most important, but there will be many other small issues due to how we specifically set up our servers. So encountering some issue where your code works locally but not on here (or vice versa) is impossible to prevent completely.

And whatever the issue is, I’m sure that there is a simple solution for it. But to find the issue, the most effective way to do that is to debug your code to find out exactly where it goes wrong.

If you intuitively know the issue, that’s faster of course. But just making guesses as to possible differences isn’t helpful. Especially when those guesses lead you to things you can’t change in the first place (like MySQL versions).

Yes, debugging a live site isn’t fun and can get messy. But it’s the only way to actually narrow down the issue. As opposed to, say, reinstall your local environment with a different MySQL version only to find out that you still can’t reproduce the issue.

Free hosting servers are all running MariaDB 10.3 10.4, premium hosting servers are running a blend of MariaDB and MySQL. MySQL is on 5.7, but I don’t know about MariaDB there.

There are much more differences between free hosting and premium hosting, but it’s very rare in my experience to run into issues that are actually caused by MySQL/MariaDB version differences.

4 Likes
6

Isn’t it 10.4 since the upgrade?

2 Likes
7

You’re right, it’s 10.4, I misremember.

3 Likes
8

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.