function isUnique($email){
$query = "select * from registerform where email='$email'";
global $db;
$result = $db->query($query);
if($result->num_rows > 0){
return false;
}
else return true;
}
function isUnique($username){
$query = "select * from registerform where username='$username'";
global $db;
$result = $db->query($query);
if($result->num_rows > 0){
return false;
}
else return true;
}
error code: Cannot redeclare a function previously declared, how do I make it check the duplicate for email and username?
if I remove 1 of the code it is completely fine.
You could also make a generique function such as
function isUnique($field, $value)
{
$query = "select * from registerform where $field='$value'";
global $db;
$result = $db->query($query);
return $result->num_rows > 0
}
You should also check how to sanitize inputs => https://xkcd.com/327/
You have to rename the function name, e.g.: isUniqueEmail and isUniqueUsername
You cannot have two functions with the exact same name.
Related
I tried to get followers from MySQL usingy this class
class get_followers {
public $followers_arr = array();
public function __construct($user_id) {
$query = "select * from followsystem where following ='$user_id'";
$q = mysql_query($query) or die(mysql_error());
$count = mysql_num_rows($q);
if ($count > 0) {
while ($row = mysql_fetch_assoc($q)) {
array_push($this->followers_arr, $row['userid']);
}
}
return $this->followers_arr;
}
}
Then I initialize this class
$fol = new get_followers($userid);
$fol_arr = json_encode($fol);
echo $fol_arr;
Then I get
{"followers_arr":["1234","456"]}
but what i want want just to get this
["1234","456"]
How is that works?
I don't think you understand how constructors work. You can't return a value from a constructor because it's just used to instantiate the object. When you're doing $fol_arr = json_encode($fol); you're actually encoding the entire object, not it's return value.
If you really want to use a class to do this, you should add a method to the class and use that, like this:
class Followers {
public $followers_arr = array();
public $user_id = null;
public function __construct($user_id) {
$this->user_id = $user_id;
}
public function get()
{
$query = "select * from followsystem where following ='{$this->user_id}'";
$q = mysql_query($query) or die(mysql_error());
$count = mysql_num_rows($q);
if ($count > 0) {
while ($row = mysql_fetch_assoc($q)) {
array_push($this->followers_arr, $row['userid']);
}
}
return $this->followers_arr;
}
}
And use it like this:
$fol = new Followers($userid);
$fol_arr = json_encode($fol->get());
echo $fol_arr;
The solution to your problem is to do $fol_arr = json_encode($fol->followers_arr);
Nonetheless, making a class in this case is completely obsolete, since you only make it as a wrapper for a single function you want to execute (called get_followers) Instead of making a class, you could simply make the following:
function get_followers($user_id) {
$followers_arr = [];
$query = "select * from followsystem where following ='$user_id'";
$q = mysql_query($query) or die(mysql_error());
$count = mysql_num_rows($q);
if ($count > 0) {
while ($row = mysql_fetch_assoc($q)) {
array_push($followers_arr, $row['userid']);
}
}
return $followers_arr;
}
$fol = get_followers($userid);
$fol_arr = json_encode($fol);
echo $fol_arr;
There is no need to put it in a class unless the class serves the purpose of combining a few functions and variables to create a behaviour.
I got below class to fetch records in database, how can use foreach to loop all data in page?
class User{
public function get_user_listing($user_id, $mysqli){
$sql = $mysqli->query("SELECT * FROM `listing` WHERE user_id='".$user_id."'");
if($sql->num_rows > 0){
return $query->result();
}else{
return false;
}
}
}
in my page, if I call:
$user = new User;
$listing = $user->get_user_listing($user_id, $mysqli);
foreach(listing as $value){
echo $value->table_field;
}
But I think that is not a correct way.
You need to return the actual result $sql:
if($sql->num_rows > 0){
return $sql;
} else {
return false;
}
Since you are returning a result set you need to fetch rows:
$user = new User;
$listing = $user->get_user_listing($user_id, $mysqli);
while($row = $listing->fetch_object()){
echo $row->table_field;
}
Or you could add the fetch loop to the class function and return an array of $row[] objects.
Also, I would make some changes here:
private $mysqli;
public function __construct($mysqli) {
$this->mysqli = $mysqli;
}
public function get_user_listing($user_id) {
$mysqli = $this->mysqli;
//or just use $sql = $this->mysqli->query("SELECT * FROM `listing` WHERE `user_id` = '$user_id'");
//etc...
}
Then:
$user = new User($mysqli);
$listing = $user->get_user_listing($user_id);
Better use a prepared statement to protect from SQL injection. And check the returned value from get_user_listing for false or undef.
public function get_user_listing($user_id, $mysqli){
$sql = "SELECT * FROM `listing` WHERE user_id=?";
if ($stmt = $conn->prepare($sql)) {
$stmt->bind_param("i", $user_id);
$stmt->execute();
$result = $stmt->get_result();
return $result;
}
}
$user = new User;
$result = $user->get_user_listing($user_id, $mysqli);
if(isset($result))
{
while ($row = $result->fetch_assoc()) {
print $row['table_field'];
}
/* free result set */
$result->free();
}
I'm 'doomsday' (mysql_ depreciation!) prepping some of my older applications that take the use of mysql_ extentions. I am currently converting them into PDO.
I use a lot of functions to make my work easy. However I cant get the $db->query within a function to work. For example I'm converting this function:
function GetAccount($account_id){
$Query = mysql_query("SELECT name, balance, account_number FROM accounts WHERE id = '$account_id'");
if (mysql_num_rows($Query) > 0){
$Result = mysql_fetch_assoc($Query);
return $Result;
} else {
return false;
}
}
Into this PDO function.
function GetAccount($account_id){
global $db;
$Result = $db->query("SELECT name, balance, account_number FROM accounts WHERE id = '$account_id'");
if (count($Result) > 0){
return $Result;
} else {
return false;
}
}
I have established a PDO connection outside of this function, which works fine with queries outside of any function.
The problem for the second (PDO) function is that the $Result is empty. A var_dump returs: bool (false).
What am I forgetting/doing wrong?
Thank you :)
Fixed it, new function:
function GetAccount($account_id){
global $db;
$Result = $db->prepare("SELECT name, balance, account_number FROM accounts WHERE id = '$account_id'");
$Result->execute();
$Result = $Result->fetch();
if (count($Result) > 0){
return $Result;
} else {
return false;
}
}
The only thing I did was :
$Result->prepare("query stuff");
$Result->execute();
$Result = $Result->fetch();
I'm trying to build a REST api(using Restler) which takes in username and password for login and generates a session key. Once sessionkey is generated, user will be able to pass this session key to access other classes in the api. Is it possible to get the name of the class that invokes __isAuthenticated function?
My Auth Class:
<?php
class Auth implements iAuthenticate
{
public static $sessionKey;
public static $currentUser;
public $tempsesskey;
function __isAuthenticated ()
{
if (isset($_GET['useremail']) && isset($_GET['userpass'])) {
$user = $_GET['useremail'];
$pass = $_GET['userpass'];
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);
mysql_query(
"UPDATE `userdetail` SET lastlogin=NOW()
WHERE useremail='$user' AND userpass=md5('$pass')");
if (mysql_affected_rows() > 0) {
$result = mysql_query(
"SELECT sessionkey from usersession where TIMESTAMPDIFF(MINUTE,lastactivity,now()) < 20 and useremail='$user'");
while ($row = mysql_fetch_assoc($result)) {
$tempsesskey = $row['sessionkey'];
}
if (strlen($tempsesskey) > 0) {
mysql_query(
"UPDATE usersession set lastactivity=now() where sessionkey='$tempsesskey'");
} else {
$tempsesskey = generateKey(52);
mysql_query(
"UPDATE `usersession` set sessionkey='$tempsesskey',keyvalid='Y' where useremail='$user'");
}
self::$currentUser = $user;
self::$sessionKey = $tempsesskey;
return TRUE;
}
} else
if (isset($_GET['sessionkey'])) {
$sesskey = $_GET['sessionkey'];
$sesskey = mysql_real_escape_string($sesskey);
$result = mysql_query(
"SELECT sessionkey from usersession where sessionkey='$sesskey' and TIMESTAMPDIFF(MINUTE,lastactivity,now()) < 20");
if (mysql_affected_rows() > 0) {
while ($row = mysql_fetch_assoc($result)) {
$tempsesskey = $row['sessionkey'];
self::$sessionKey = $tempsesskey;
}
return TRUE;
}
}
}
}
There is a simple way of setting the property on the Authentication class by adding custom php doc comment /annotation which is explained in Authentication with ACL. You can use the same technique for your purpose as well
This is a really simple thing, but it's not working for some reason. Heres my code.
I am making function (its part of a class) which checks if a username or email exists:
public function exists ($what, $who)
{
$sql = "SELECT * FROM users WHERE $what = $who";
$query = mysql_query($sql);
if (mysql_num_rows($query) != 0)
{
return true;
}
else
{
return false;
}
}
The function returns nothing. In fact if I run that query through regular PHP it returns nothing also. I don't understand why.
This following piece of code returns news entries perfectly:
function fetch($id = '')
{
if (empty($id))
{
$query = 'SELECT * FROM news ORDER BY id desc';
}
elseif (is_numeric($id))
{
$query = "SELECT * FROM news WHERE id = $id";
}
else
{
$route->to(SITE_URL);
}
$result = mysql_query($query);
if (mysql_num_rows($result) > 0)
{
return $result;
}
}
I am confused.
The problem is that you are missing quotes in your query:
$sql = "SELECT * FROM users WHERE $what = $who";
//SELECT * FROM users WHERE username = Mario is not a valid query
should be:
$sql = "SELECT * FROM users WHERE $what = '$who'";
the other queries are working because you are checking against an id, in this case against a string (and in this case you need quotes)
maybe the query execution failed and you have error turned off on screen in your php.ini
Try to add an intermediate check on the correct execution of the query:
$query = mysql_query($sql);
if ($query === FALSE) {
// log error with mysql_errno($conn) and mysql_error($conn);
} else {
if (mysql_num_rows($query) != 0) {
return true;
etc. etc.