I have been trying to update a field in database using php, everytime I run the script there is no effect on the table. Here's how my code looks :
$sql="UPDATE users set sentMsg = $msg+1 where username = '$username' ";
$result = $link->query($sql);
where $link is the connection variable which is working fine with other queries.
Here's the table structure.
The $result variable is returning true.
I am unable to understand where the actual problem is.
Try this
$sql="UPDATE `users` SET `sentMsg` =".($msg+1)." WHERE `username` ='".$username."'";
$result = mysqli_query($link,$sql);
Thats what i could make out of your code till now.
try this;
$newCount = $msg+1;
$sql="UPDATE users set sentMsg = $newCount where username = '$username' ";
$result = $link->query($sql);
or
$sql="UPDATE users set sentMsg = ".($msg + 1)." where username = '$username' ";
$result = $link->query($sql);
Related
I'm working with a system that assigns files to users. Problem is, that the response, userid, is always 0.
$user = htmlentities($_SESSION['username']);
$sql = "INSERT INTO `files`(
`userid`,
`filename`,
`filesize`,
`filetype`,
`filepath`
)
VALUES
(\"". get_user_id($user). "\",\"".
$_FILES['userfile']['name']. "\",\"".
$_FILES['userfile']['size']. "\",\"".
$_FILES['userfile']['type']. "\",\"".
$fileadress.
"\")";
Function get_user_id
function get_user_id($user){
mysql_connect(HOST, USER, PASSWORD)
or die(mysql_error());
$sqlinit = "USE secure_login";
mysql_query($sqlinit);
$sql = "SELECT `id` FROM `members` WHERE `username` = '". $user."'";
$result = mysql_query($sql);
//mysql_fetch_array($result);
echo mysql_error();
$userid = $result;
return $userid;
}
No errors, no warnings, everything else is working fine, only userid is showing always 0, even when id in members is 1,2 etc. Am I missing something? In both tables, userid and id are int.
mysql_query() returns you a mysql object, you put this object in the result variable. So if you do $userid = $result; you just duplicate the array to a new variable.
You're not accessing correctly to the element, you should write instead : $userid = $result['id'];
Take the habit to employ var_dump($result); to see what's exactly in you're variable (here result)
EDIT:
$sql = "SELECT id FROM members WHERE username = '". $user."'";
$queryRes = mysql_query($sql);
$result = mysql_fetch_array($queryRes);
$userid = $result['id'];
I believe you have to use $userid=$result['id']
As per your table, the right index would be userid
i.e:
$userid = $result['id'];
Basically, I have been having some trouble with sending a request to a MySQL server and receiving the data back and checking if a user is an Admin or just a User.
Admin = 1
User = 0
<?php
$checkAdminQuery = "SELECT * FROM `users` WHERE `admin`";
$checkAdmin = $checkAdminQuery
mysqli_query = $checkAdmin;
if ($checkAdmin == 1) {
echo '<h1>Working!</h1>';
}else {
echo '<h1>Not working!</h1>';
}
?>
Sorry that this may not be as much info needed, I am currently new to Stack Overflow.
Firstly, your SQL query is wrong
SELECT * FROM `users` WHERE `admin`
It's missing the rest of the WHERE clause
SELECT * FROM `users` WHERE `admin` = 1
Then you're going to need fetch the result from the query results. You're not even running the query
$resultSet = mysqli_query($checkAdminQuery)
Then from there, you'll want to extract the value.
while($row = mysqli_fetch_assoc($resultSet))
{
//do stuff
}
These are the initial problems I see, I'll continue to analyze and find more if needed.
See the documentation here
http://php.net/manual/en/book.mysqli.php
You need to have something like user id if you want to check someone in database. For example if you have user id stored in session
<?php
// 1. start session
session_start();
// 2. connect to db
$link = mysqli_connect('host', 'user', 'pass', 'database');
// 3. get user
$checkAdminQuery = mysqli_query($link, "SELECT * FROM `users` WHERE `id_user` = " . $_SESSION['id_user'] );
// 4. fetch from result
$result = mysqli_fetch_assoc($checkAdminQuery);
// 5. if column in database is called admin test it like this
if ($result['admin'] == 1) {
echo '<h1>Is admin!</h1>';
}else {
echo '<h1>Not working!</h1>';
}
?>
// get all admin users (assumes database already connected)
$rtn = array();
$checkAdminQuery = "SELECT * FROM `users` WHERE `admin`=1";
$result = mysqli_query($dbcon,$checkAdminQuery) or die(mysqli_error($dbconn));
while($row = mysqli_fetch_array($result)){
$rtn[] = $row;
}
$checkAdminQuery = "SELECT * FROM `users` WHERE `admin`"; !!!!
where what ? you need to specify where job = 'admin' or where name ='admin'
you need to specify the column name where you are adding the admin string
I don't understand this because I'm just getting into query's and php.
I'm trying to get the user's ID from the database and set that equal to a different users friendreq column.
Don't worry about me not escaping properly, this is only a test so I can practice! Thank you! (Although I'm not sure what escaping is, I'm going to do my research!)
$usernameID = "SELECT Id FROM Users WHERE Username = '$username'";
$sql = "UPDATE Users SET FriendReq = $usernameID WHERE Username = '$usernamebeingreq'";
$result = mysqli_multi_query($con, $usernameID, $sql);
if(!$result)
{
echo 'Failed';
}
else
{
echo 'Friend added!';
}
According to the PHP reference of mysqli_multi_query your two queries need to be concatenated with a semicolon. You're passing each query as its own parameter.
Use the following instead:
$result = mysqli_multi_query($con, $usernameID . "; " . $sql);
This will concatenate your two queries, so that it's the following:
SELECT Id FROM Users WHERE Username = '$username'; UPDATE Users SET FriendReq = $usernameID WHERE Username = '$usernamebeingreq'
<?php
session_start();
$username = "root";
$password = "password";
$database = "meipolytechnic";
mysql_connect('localhost', $username,$password);
#mysql_select_db($database) or die(mysql_error());
$username=$_SESSION['MM_Username'];
$query = "SELECT rollno FROM users where username = '".$username."'";
$result = mysql_query($query) or die(mysql_error());
$num = mysql_num_rows($result);
mysql_close();
$rows = array();
while($r = mysql_fetch_row($result))
{
$rows[] = $r[0];
}
echo ($rows['rollno']);
?>
i want to retrieve only the logged in users roll no from users table in database
when i run this code
and log in as foo
i get the following stuff
Unknown column 'foo' in 'where clause'
There should be session_start() at the top of the page
query need to change as
$query = "SELECT rollno FROM users where username = '".$_SESSION['MM_Username']."' ";
EDIT
Please try something before posting a question here. Please google or go through www.w3school.com for clearing this kind of issues. Make a good knowledge about arrays and mysql connection. And mysql_query function won't work latest PHP version.
Please try following code.
$result = mysql_query($query) or die(mysql_error());
$rows = array();
while($r = mysql_fetch_row($result))
{
$rows[] = $r[0];
}
print_r($rows);
To use an array inside a string you need to put a curly bracket before it and after it
so
$query = "SELECT rollno FROM users where username = {$_SESSION['MM_Username']}";
or
$query = "SELECT rollno FROM users where username = ".$_SESSION['MM_Username'];
First of all start session using start_session()
then change your query:
$query = "SELECT rollno FROM users where username = ".$_SESSION['MM_Username'];
then change:
$num = mysql_num_rows($result); instead of $num = mysql_numrows($result);
Try this query
$query = "SELECT rollno FROM users where username = ".$_SESSION[MM_Username]." ";
And start session on same page.
You can use
$username=$_SESSION[MM_Username];
$query = "SELECT rollno FROM users where username = '".$username."'";
and start the session by using session_start()
and you have used two closing tags omit one make it like below
echo ($rows['rollno']);
?>
This type of error occur when query goes false
May be becouse You have not start session, becouse if you dont have session_start(), then nothing will come in session variable... just try as
$query = "SELECT rollno FROM users where username = '".$_SESSION[MM_Username]."'";
may this help you
You must need to use session_start() before using $_SESSION variable in code.
So put below code at start,
session_start();
Then do some modification in query like,
$query = "SELECT rollno FROM users where username = '".$_SESSION['MM_Username']."'";
first start your session
session_start();
and Change your query like this...
$query = "SELECT rollno FROM users where username = '".$_SESSION['MM_Username']."'";
I'm trying to add a value to a row in a database table that currently has other values. I want to effect only one field in the table. here's what I'm doing:
$sql = "UPDATE users SET photo = ".$m_fname." WHERE pin = ".$_SESSION['pin'].";";
What's the correct way to do this?
Here's a little more:
$m_fname = mysql_real_escape_string($dest_filename);
$sql = "UPDATE users SET photo = ".$m_fname." WHERE pin = ".$_SESSION['pin'].";";
$res = #mysql_query($sql);
if (!$res) {
$errors[] = "Could not run query.";
break;
}
Before anyone else downvotes..
I'm aware I should be using mysqli. Sorry if I offended anyone by using an old function.
Maybe this helps, it's a different implementation and it includes a proper way of data-sanitation:
$dbSession = new PDO('mysql:host=***;dbname=***', '***', '***');
$updateQuery = $dbSession->prepare('
UPDATE
`users`
SET
`photo` = :photo
WHERE
`pin` = :pin');
$updateQuery->bindParam(':photo', $m_fname, PDO::PARAM_STR);
$updateQuery->bindParam(':pin', $_SESSION['pin'], PDO::PARAM_INT); // or 'PARAM_STR'
$updateQuery->execute();
See documentation for more functions available:
PHP Database Objects
Since you are setting the field photo to a string value, consider using single qutation
$sql = "
UPDATE `users`
SET `photo` = '" . $m_fname . "'
WHERE `pin` = " . $_SESSION['pin']; // Not clear what pin is (string or int)
What is the problem that you are facing? the code seems to be fine, provided that the PIN field is the primary unique key, and that photo is a varchar
use "'" for non number
$sql = "UPDATE users SET photo = '".$m_fname."' WHERE pin = '".$_SESSION['pin']."';";
$m_fname = mysql_real_escape_string($dest_filename);
$sql = "UPDATE users SET photo = '{$m_fname}' WHERE pin = '{$_SESSION['pin']}';";
$res = #mysql_query($sql);
if (!$res) {
$errors[] = "Could not run query.";
break;
}