This question already has answers here:
How to check if a row exists in MySQL? (i.e. check if username or email exists in MySQL)
(4 answers)
Reference - What does this error mean in PHP?
(38 answers)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 4 years ago.
I have a form and fields are Name, Email, Password. Client-side validation is working perfectly. I am working on server-side validation.
I am getting the issue on else part. For testing, I added echo $email and I am getting the email id. Now that email id will check in the database is exists or not. If exist the display the error if not existing the display the not exist.
if(condition){}
elseif(condition){}
elseif(condition){}
elseif(condition){}
else{
echo $email; // here I am able to display the email id
$sql_check_email="SELECT email FROM register WHERE email =?";
$stmt = $conn->prepare($sql_check_email);
$stmt->bind_param("s", $email);
$stmt->execute();
$stmt->bind_result($email);
$rows = $stmt->fetch();
$total_rows = count($rows);
if( $total_rows > 0 ){
$_SESSION['email_error']= 'This email is alredy register with us';
header('location:register');
}else{
echo $email;// why my email id not displaying here?
echo $name;
echo $password;
echo $date_of_added;
echo"Not exist";
}
Your issue is:
$stmt->bind_result($email);
That line replaces variable with query result.
Just use another variable for results.
You also use fetch result wrong, it returns just true/false/null value of fetch state. Use bind_result binded variable to get your results.
Related
This question already has an answer here:
Trying to access array offset on value of type bool
(1 answer)
Closed 2 years ago.
I have a simple login form using PDO prepared statements which worked fine under php 7.3 but under 7.4 i find this has an issue
the code im using simply is:
if(isset($_POST['btn_login'])){
$useremail = $_POST['txt_email'];
$password = $_POST['txt_password'];
$select= $pdo->prepare("select * from tbl_user where useremail='$useremail' AND password='$password'");
$select->execute();
$row=$select->fetch(PDO::FETCH_ASSOC);
if($row['useremail']==$useremail AND $row['password']==$password){
echo $success='Login Successful';
header('refresh:1;dashboard.php');
}else{
echo 'Login Failed';
}
using PDO and prepared statements whats the correct solution for php 7.4?
Because there is no result with your query. It returns FALSE and you try to access false as an array.
So test if row is filled with data
(see updated if statement).
Btw. do echo after header.
if($row && $row['useremail']==$useremail && $row['password']==$password){
header('refresh:1;dashboard.php');
echo $success='Login Successful';
} else{
echo 'Login Failed';
}
Hint: use prepared statements
$select = $pdo->prepare("SELECT * FROM tbl_user WHERE useremail=? AND password=?");
$select->execute([$useremail, $password]);
Warning
Do never save passwords in plain text. Use encryption.
This question already has answers here:
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Reference - What does this error mean in PHP?
(38 answers)
Closed 2 years ago.
I have created a login page however I'm having a hard time authenticating the user. I am able to establish a connection however my sanitation is not working. I'm not sure if its the select statement or HTML related. I've played around with different SELECT statements and troubleshooted the code further up but that doesn't seem to be the problem.
<?php
// Now I check if the data from the login form was submitted, isset() will check if the data exists.
if (!isset($_POST['username'], $_POST['user_password'])) {
echo 'error2';
// Could not get the data that should have been sent.
exit('Please fill both the username and password fields!');
}
// Prepare our SQL, preparing the SQL statement will prevent SQL injection.
if ($stmt = $con->prepare("SELECT id, username, user_password FROM user_info WHERE username = ?")) {
// Bind parameters (s = string, i = int, b = blob, etc), in our case the username is a string so we use "s"
$stmt->bind_param('s', $_POST['username']);
$stmt->execute();
// Store the result so we can check if the account exists in the database.
$stmt->store_result();
if ($stmt->num_rows > 0) {
$stmt->bind_result($id, $user_password);
$stmt->fetch();
// Account exists, now we verify the password.
// Note: remember to use password_hash in your registration file to store the hashed passwords.
if (password_verify($_POST['user_password'], $user_password)) {
// Verification success! User has loggedin!
// Create sessions so we know the user is logged in, they basically act like cookies but remember the data on the server.
session_regenerate_id();
$_SESSION['loggedin'] = true;
$_SESSION['name'] = $_POST['username'];
$_SESSION['id'] = $id;
echo 'Welcome ' . $_SESSION['name'] . '!';
} else {
echo 'Incorrect password!';
}
} else {
echo 'Incorrect username!';
}
$stmt->close();
} else {
echo 'error3';
}
You're selecting 3 columns in SELECT id, username, user_password but you're only binding two variables in $stmt->bind_result($id, $user_password);. This mismatch will cause an error.
There's no need to select username since that's the column you're matching in the WHERE clause. Change the select list to SELECT id, user_password to match the variables you're binding.
This question already has answers here:
Reference - What does this error mean in PHP?
(38 answers)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 5 years ago.
I am writing a login form with PHP and Mysql.
I did everything its just the forgot password that is not working.
It sends me email confirmation but it does not update the password in the database.
First is the forgot page, then sends an email and redirect me to the confirm_pass.html page where is the form for the two passwords and on this page executes the confirm_pass.php where is doing everything, except updating the password in the database.
Please help.
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Make sure the two passwords match
if ( $_POST['newpassword'] == $_POST['confirmpass'] ) {
$new_password = password_hash($_POST['newpassword'], PASSWORD_BCRYPT);
$email = $mysqli->escape_string($_POST['email']);
$confirm_code = md5(rand().$password);
$result = "UPDATE `mv_db`.`users` SET `password`='$new_password', `confirm`='$confirm_code' WHERE `email`='$email'";
if ( $mysqli->query($result) ) {
header("location: login.html");
}
}
else {
$_SESSION['message'] = " The two passwords you entered don't match, try again!";
header("location: error.php");
}
}
?>
Your $_POST['email'] is not defined, because there is no "email" field in your HTML form.
So nothing is updated in database, because there is no matching record.
This question already has answers here:
Reference - What does this error mean in PHP?
(38 answers)
How to include php file in a php file
(1 answer)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 5 years ago.
So i have a page where there is a button when clicked it takes u to an admin page.
if u click it first takes u to a admincheck code before bringing u to the adminpage. In that admincheck page it should let admins go through and normal users redirected back. It doesnt work i dont know why
here is the admincheck code:
<?php
include "dbconnection.php";
include "login.php;"
$query = "SELECT * FROM gebruikers WHERE gebruikerID = $userid";
$result = mysqli_query($conn, $query);
$count = $conn->affected_rows;
if($row['admin']=='Ja'){
header("location: contactregister.php");
}
else{
$message = "You shall not pass!";
echo "<script type='text/javascript'>alert('$message');</script>";
header("location: home.php");
}
?>
Did i do anything wrong in that code??
This question already has answers here:
Check if a row exists using old mysql_* API
(6 answers)
Closed 7 years ago.
I have a simple PHP file in which I check if the users email exists in my database using the following code:
$query = "SELECT * FROM userData WHERE email = '$email'";
$result = mysql_query($query);
Which works perfectly fine when the user enters an email address that is in the database, however, when I want to determine if this $query is null or empty - I'm not sure which one though.
When I enter an email that isn't in the database and add the following code in below:
if(is_null($result)){
echo 'email not in database';
}
the code in the {} isn't executed.
I was just wondering if you could help me out.
Hi again,
Sorry for the duplicating another post. I corrected it by using:
if(mysqli_num_rows($result) > 0)
{
// a row with email exists
}
else
{
// no row with particular email exists
}
You can directly check whether your query executed or not by
if($result > 0){
// perform some action
}
You should use mysqli_ instead of mysql_ as it is deprecated and will be removed in future.
what you need is mysqli_num_rows() to see if atleast 1 row was in the table or not
for reference - num_rows
if(mysqli_num_rows($result) > 0)
{
// a row with email exists
}
else
{
// no row with particular email exists
}
Try this
$row = mysql_fetch_rows($result);
if(!$row){
echo 'email not in database';
}
OR
$num = mysql_num_rows($result);
if($num == 0){
echo 'email not in database';
}
You can try this too !
if(empty($result)){
echo 'email not in database';
}
empty() will check if $result is null, or its value is 0, or if $result doesn't exists.
See here : http://php.net/manual/fr/function.empty.php