Already using my username and password.Warning: mysql_connect(): Access denied for user 'root'@'localhost' (using password: NO)

Question

if(!empty($_POST["save"])) {
  $conn = mysql_connect("localhost","root","");
  mysql_select_db("admin");
  $itemCount = count($_POST["item_name"]);
  $itemValues=0;
  $query = "INSERT INTO item (item_name,item_price) VALUES ";
  $queryValue = "";
  for($i=0;$i<$itemCount;$i++) {
    if(!empty($_POST["item_name"][$i]) || !empty($_POST["item_price"][$i])) {
      $itemValues++;
      if($queryValue!="") {
        $queryValue .= ",";
      }
      $queryValue .= "('" . $_POST["item_name"][$i] . "', '" . $_POST["item_price"][$i] . "')";
    }
  }
  $sql = $query.$queryValue;
  if($itemValues!=0) {
    $result = mysql_query($sql);
    if(!empty($result)) $message = "Added Successfully.";
  }
}

My username and password is root..but it doesn't connect..is there any privilages to connent..please help me to resolve this..

Did you ever took a look at the documentation of [mysql_connect()](http://php.net/manual/en/function.mysql-connect.php)? The third parameter should be your password. And you should check if the connection was successful: `if(!$conn)...` — moffeltje, Jun 23 '15 at 07:36

score 1 · Answer 1 · edited May 23 '17 at 11:58

First of all: You're using an deprecated API and your code is vulnerable to sql injections, so you should really take a few minutes to read Choosing an API and the accepted answer to How can I prevent SQL-injection in PHP?.

If you take a look at the mysql_connect documentation you will find that the third parameter is the password, so if your password is "root", you should change your code to:

$conn = mysql_connect("localhost","root","root");

Already using my username and password.Warning: mysql_connect(): Access denied for user 'root'@'localhost' (using password: NO)

1 Answers1