Show Page If database exits

I have one file install.php that connects to the mysql server and create the database table. I want that all of the rest files (index.php , abc.php , xyz.php) will only open if the table is already created using install.php else it will display a error "Couldn't Connect to the Database".

install.php

<?php
$dbname = 'registration';
$username = 'root';
$password = '';
$host = 'localhost';
 
 
define('DB_NAME', $dbname);
 
define('DB_USER', $username);
 
define('DB_PASSWORD', $password);
 
define('DB_HOST', $host);
 
$link = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("unable to connect");
                        mysql_select_db(DB_NAME);
                       
                       
                        $sql = "CREATE TABLE IF NOT EXISTS `student_register` (
  `student_id` int(11) NOT NULL AUTO_INCREMENT,
  `student_name` varchar(40) DEFAULT NULL,
  `father_name` varchar(40) DEFAULT NULL,
  `class` varchar(20) DEFAULT NULL,
  `section` varchar(3) DEFAULT NULL,
  `roll_no` bigint(10) DEFAULT NULL,
  `phone_no` bigint(10) DEFAULT NULL,
  `email_id` varchar(40) DEFAULT NULL,
  `password` varchar(40) DEFAULT NULL,
  `address` varchar(300) DEFAULT NULL,
  `gender` varchar(10) DEFAULT NULL,
  `student_photo` varchar(100) DEFAULT NULL,
  PRIMARY KEY (`student_id`)
                                )";
                        if(mysql_query($sql))
                        {
                        echo "Database created";
                        }
                        else
                        {
                        echo DB_NAME ." Database Is Not Existing";
                        }
                                                   
 
 
?>

PHP:

Thanks

 

<?php
 
mysql_connect('server', 'username', 'password') or die('cannot connect to mysql server');
mysql_select_db('database') or die('cannot connect to database');
 
$result = mysql_query('select * from `table`');
if ($result === FALSE)
    die('table not found');
 
?>

PHP:

 

Thanks Hamidsam your logic is working fine. Thanks a lot

 

I would point out that sticking the un/pw/host into DEFINE is one of the DUMBEST things you can do from a security standpoint. Security related data should NEVER go in DEFINE, globals or superglobals in a SCRIPTING language -- the risk of code elevations is too high to be doing something that... STUPID.

Much less having it in variables AND defines -- so pointless redundancies as well.

Also this is 2013 not 2006 -- you shouldn't be using mysql_ functions anymore, as the giant red warning boxes in the manual now finally tell you. (after years of in general being told "STOP DOING THAT!!!" they are FINALLY going to shove it down people's throats -- were that we could do that with bad HTML practices...)

You also shouldn't need the single quotes in your query, as there are no spaces in fieldnames.

SELECT * is wasteful as it will return the ENTIRE TABLE as a result set, not the greatest way to check if a table exists -- in fact it's the DUMBEST way to check! The correct way is to use SHOW TABLES LIKE.

I usually extend PDO with this method:

public function tableExists($tableName) {
	try {
		$statement = $this->query('SHOW TABLES LIKE '.$tableName);
		return $statement->rowCount() > 0;
	} catch (PDOException $e) {
		return false;
	}
}

Code (markup):

If you REALLY want to go the herpaderp route with the outdated insecure mysql_ function garbage:

function tableExists($tableName) {
	if ($result = mysql_query('SHOW TABLES LIKE '.$tableName)) {
		return mysql_num_rows($result) > 0;
	}
	return false;
}

Code (markup):

But I'd really advise against doing that.

Oh and you're not creating a database, you're creating a TABLE. A database is a collection OF tables.

 

I just wanted to add
The solution is simple. Place all sensitive data outside of your web server’s document root. Many experts now advocate placing most, if not all, of your php code outside of your web server’s document root. Since PHP is not limited by the same restrictions are you web server, you can make a directory on the same level as your document root and place all of your sensitive data and code there.
This means database connections and other secured connections/code, I also read if you want it really secured you add .htaccess file. However, at some point being you just going to have to say you are being as secured as you can make it and let it fly. Unless you are doing just doing a simple blog or non-banking transactions like that then for the most part you should be OK taking these necessary precautions. However, anything dealing with people's money then I (this is what I do) would have a trusted 3rd party do those types of transactions and never deal with any of those kinds of transactions, unless you are 99.9 percent (or even 100 percent) certain you know what you are doing. It might mean little inconvenience for your users/client (meaning they might have to fill out a little more forms to complete the transaction), but it's better than having your reputation ruin because you were soft in the security department. Just look at what happens to the big companies when they have security issues (LinkedIn, Apple, PayPal, etc..). It takes them a huge PR campaign and $$$ to gain people's trust back. Just my .05 cents.