I'm a beginner in learning how to set up database & PHP script and follow example
to do that, then when I run login.php script I can't retrieve data from the database ,
I really feel that is a very simple question for others but I tried to solve it But didn't succeed, so can someone take look on my code then Corrects it?
here is my php script :
init.php :
<?php
$db_name = "webapp";
$mysql_username = "root";
$mysql_password = "";
$server_name = "localhost";
$con=mysqli_connect($server_name, $mysql_username, $mysql_password, $db_name);
if (!$con) {
echo "Connection Error ......." . mysqli_connect_error();
} else {
echo "<h3>Database connection Success .....</h3>";
}
?>
login.php :
<?php
require "init.php";
$user_name = "YASER";
$user_phone = "123456";
$sql_query = "select name from user_info where user_name like'$user_name'and
user_phone like'$user_phone';";
$result = mysqli_query($con,$sql_query);
if (mysqli_num_rows($result)>0)
{
$row = mysqli_fetch_assoc($result);
$name = $row["name"];
echo "<h3> Hello And Wellcome" . $name . "</h3>";
} else {
echo " No Info Is Available .......";
}
?>
1st : First check that query is executing or failing
if(!$result){ echo mysqli_error($con); }
2nd : use = instead of like
$sql_query = "select name from user_info
where user_name='$user_name' and
user_phone='$user_phone'";
3rd : You need to give proper spacing In query
like'$user_name'and
^^^ ^^^
To
like '$user_name' and
You have error in your query.
try this to find error
$result = mysqli_query($con,$sql_query) or die(mysqli_error($con));
Your query should be like as follow...
'SELECT name FROM user_info WHERE user_name LIKE "'.$user_name.'" AND user_phone LIKE "'.$user_phone.'"';
Related
Forum residents!
I had a problem with a MySQL and PhP based user system: I want you to display only the data of the user with I am currently logged in.
The problem is that it also displays data from other users.
There is a MySQL table containing the following columns: id, username, password, email, VPSID. The goal is for each user to display their own VPSID, if the user logged in.
The site does not write anything or this display the data of all users.
The code:
<?php
session_start();
if(!isset($_SESSION['username'])){
header('location: login.php');
}
$hostname = 'blabla..';
$username = '';
$password = '';
$dbname = '';
$conn = mysqli_connect($hostname, $username, $password, $dbname);
if(!$conn) {
echo "Connection error: " .mysqli_connect_error();
}
$result = mysqli_query($conn, "SELECT * FROM users WHERE id ='".$id."'");
while($row = mysqli_fetch_array($result)) {
echo $row['VPSID'];
}
?>
What have I done wrong and what is the right solution?
Thanks in advance!
$id is null thats your problem.
Maybe $id = $_SESSION["id"];
If you dont store it that way go off username since I'm going to guess they are unique
$user_name = $_SESSION["username"];
$result = mysqli_query($conn, "SELECT VPSID FROM users WHERE username ='$user_name'");
while($row = mysqli_fetch_array($result)) {
echo $row['VPSID'];
}
I have this code:
<?php
$user = $_COOKIE["user"];
$password = $_COOKIE["password"];
$localhost = "localhost";
$userdb = "xxxxx";
$passworddb = "xxxxx";
$database = "xxxxx";
$conn = mysqli_connect($localhost, $userdb, $passworddb, $database);
$vyber = "SELECT PASSWORD FROM Login WHERE User=".$user;
$result = mysqli_query($conn, $vyber);
echo $result;
?>
Cookie are set and if I use $vyber in database so everything is good. But there PHP write nothing. Can anybody tell, what I doing wrong? (Without comand $vyber every thing running perfect)
instead of,
echo $result
try to do that :
while ($row = mysqli_fetch_row($result)){
echo $row[0];
}
It is query error change query to :
$vyber = "SELECT PASSWORD FROM Login WHERE User='$user'";
if did not work use die function to dispaly error message :
mysqli_query($conn, $vyber) or die(mysqli_error($conn));
To fetch records :
while ($row = mysqli_fetch_array($result)){
echo $row[0];
}
I have a database which stores data. How can I view data in my database with the same username as my session? What I have tried is below. There is a session and the username is uploading in each row in the database.
This is what I'm trying to do: say I logged in as jack I typed data in and sent it to the database. It saves the name as jack and then only views the results with jack. But it is saying 0 results. Why?
<?php
session_start();
if (isset($_SESSION['username'])) {
$username = $_SESSION['username'];
echo "$username";
}
$servername = "localhost";
$username = "root";
$password = "root";
$dbname = "score";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT id, name, description FROM all_scores WHERE username = '".$username."' ORDER BY id DESC LIMIT 5";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "<p></p>";
echo "". $row["name"]. "";
echo "<p>". $row["description"]. "</p>";
}
} else {
echo "0 results";
}
$conn->close();
?>
you have two mistakes
1- SQL syntax error, correct syntax is
$sql = "SELECT id, name, description FROM all_scores WHERE username = '".$username."'";
2- the variable $username is overwritten by the username of the database
try this:
$sql = "SELECT id, name, description FROM all_scores WHERE username = '".$_SESSION['username']."'";
Using the code below, I was able to display each username and trial 1/0 flag in the table. What I want to do is display the data only for the existing user so I can say something like "Hello USERNAME, you have TRIAL access..." etc...
We're using standard HTACESS as the un/pass to enter the info area.
What needs to change here to only show the existing user's session?
<?PHP
$user_name = "blahblahblah";
$password = "blahblahblah";
$database = "blahblahblah";
$server = "127.0.0.1";
$db_handle = mysql_connect($server, $user_name, $password);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found) {
$SQL = "SELECT * FROM member_auth";
$result = mysql_query($SQL);
while ( $db_field = mysql_fetch_array($result) ) {
print $db_field['username'] . " : ";
print $db_field['trial'] . " <br> ";
}
mysql_close($db_handle);
}
else {
print "Database NOT Found ";
mysql_close($db_handle);
}
?>
please don't use mysql_ functions.. look into PDO or MySQLi here: http://www.phptherightway.com/#databases
Update your query to only return specific user results.
Using Form POST:
$username = mysql_real_escape_string($_POST["username"]);
$password = mysql_real_escape_string($_POST["password"]);
Using URL Parameters:
$username = mysql_real_escape_string($_GET["username"]);
$password = mysql_real_escape_string($_GET["password"]);
So your SQL query will now look like:
$SQL = "SELECT * FROM member_auth WHERE username = '" . $username . "' AND password = '" . $password . "'";
Im creating a login php script that connects to a mysql db with a table called users containing a list of users. I am running into what looks like either an empty set or a mysql error.
I have included a connection error echo and a query die echo and the script is echoing the latter error that gives me the query string. I run this exact query in phpMyAdmin and get the result I expect (it returns the user).
Why is it dying?
$cxn was defined on the login page that calls this posts to this page
$pass = addslashes($_POST['password']);
$email = addslashes($_POST['username']);
$pw = md5($_POST['password']);
$query = "SELECT * FROM `users` WHERE (`user_email`='$email' AND `user_pass`='$pw')" ;
if (mysqli_connect_errno()){
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$result = mysqli_query($cxn,$query) or die(mysqli_error($cxn)."Query= ".$query);
Ive left the first version up. Here is the current incarnation which has the same result.
<?php
$email = ($_POST['username']);
$pw = md5($_POST['password']);
$query = "SELECT * FROM `users` WHERE (`user_email`='$email' AND `user_pass`='$pw')" ;
if (mysqli_connect_errno($cxn)){ //remove later
echo "Failed to connect to MySQL: " . mysqli_connect_error();
} //to here
$result = mysqli_query($cxn,$query) or die(mysqli_error($cxn)."Query=".$query);
echo '<hr>';
echo $result;
while($row = mysql_fetch_array($result)){
echo $row['user_email'];
echo '<hr>';
echo $row['user_pass'];
echo '<hr>';
echo $row['user_fname'];
echo '<hr>';
}
?>
Because your not passing $cxn variable while checking connection:
Change this:
if (mysqli_connect_errno()){
to:
if (mysqli_connect_errno($cxn)){
I just noticed this but you have the following:
$email = ($_POST['username']);
And this should be simply:
$email = $_POST['username'];
Also, try writing your query like this:
$query = "SELECT * FROM `users` WHERE `user_email` = '".$email."' AND `user_pass` = '".$pw."'";