Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I'm trying to search a specific string from a whole MySQL database not from only a single table of the database and get the data as a JSON object in my android app.
here is my php file
<?php
error_reporting(E_ALL ^ E_DEPRECATED);
$con = require("connection.php");
if (isset($_POST['submit']))
{
$username = $_POST['username'];
$password = $_POST['password'];
}
$statement = mysqli_prepare($con, "SELECT * FROM user WHERE username = ? AND password = ?");
mysqli_stmt_bind_param($statement,"ss",$username,$password);
mysqli_stmt_execute($statement);
mysqli_store_result($statement);
mysqli_stmt_bind_result($statement,$id,$name,$phone,$email,$username, $password);
$user = array();
while(mysqli_stmt_fetch($statement)){
$user[name]= $name;
$user[phone]= $phone;
$user[email]= $email;
$user[username]= $username;
$user[password]= $password;
}
echo json_encode($user);
mysqli_stmt_close($statement);
mysqli_close($con);
?
But I don't want to search only in user table instead of i want to search in whole database. please help.
There are no direct way to SELECT from the whole database. Instead you can get all tables from the information_schema like this.
Then you can loop over all tables and search in all columns with the comlumn types like eg. varchar, text or others depending on your needs.
Related
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 6 years ago.
Improve this question
Hi i have little problem with if statements while checking if $GET values are sended. The problem is the following: If I run this code the variables in the second if condition becomes inserted but I cant get variables from the second if condition outside the second if condition. Why does that happening? I've already tried it with return but it wont work. What is the mistake?
$gameid = $_GET['gameid'];
$id = $_GET['id'];
$questionid = $_GET['questionid'];
if (isset($_GET['gameid'])) {
$answer = "answer_d";
}
if (isset($_GET['id'])) {
// insert values into mysql database
$answer = "answer_m";
}
then I want to echo the variable $answer in a <p> tag.
If I understand your question correctly then the issue is that the $answer variable doesn't exist outside of the scope of the if statements. Try defining $answer alongside your other variables such as $gameid and then updating the value within the if statements.
at first initialize the variable value. then you echo this variable after all condition then you understand which if block your code enter or not
$gameid = $_GET['gameid'];
$answer = '';
$id = $_GET['id'];
$questionid = $_GET['questionid'];
if (isset($_GET['gameid'])) {
$answer = "answer_d";
}
if (isset($_GET['id'])) {
// insert values into mysql database
$answer = "answer_m";
}
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 6 years ago.
Improve this question
I'm trying to implement a basic login functionality on my website. I'm using the following code to fetch data from database and see if the username and password is correct or not:
$STH = $conn->prepare("SELECT * FROM users WHERE uid = '$uid'");
$STH->bindParam(':uid', $uid);
$STH->bindParam(':pass', $pass);
$uid = $_POST['uid'];
$pass = $_POST['pass'];
if($STH->execute()) {
if($row = $STH->fetch()) {
if ($row['pass'] == $pass) {
echo "Logged in Successfully <br>";
} else {
echo "Username or Password Incorrect<br>";
}
} else {
echo "<script>alert('Incorrect Username');</script>";
}
}
}
However, I keep getting the error Incorrect Username even though it is in the database. This means that there is something wrong with how I'm fetching the data after executing the query but I can't understand what exactly.
I was using the prepared statements incorrectly. I wasn't really binding anything in the query. The correct implementation would have been:
$STH = $conn->prepare("SELECT * FROM users WHERE uid = :uid");
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 years ago.
Improve this question
I'm trying to add password hashing. Am I doing this right? I've downloaded the password.php and required it in my sight up page.
Am I on the right track?
if($oForm2-> valid == true){
$oUser = new User();
$oUser-> FirstName = $_POST["FirstName"];
$oUser-> LastName = $_POST["LastName"];
$oUser-> Email = $_POST["Email"];
$oUser-> Password = password_hash($_POST["Password"],PASSWORD_BCRYPT);
$oUser-> Password = $_POST["ConfirmPassword"];
$_SESSION["UserID"] = $oUser-> UserID;
$oUser->save();
// re direction to the index once they have loged in.
header("Location:http:myPortfolio.php?UserID=".$oUser->UserID);
exit;
}
$oUser-> Password = $_POST["ConfirmPassword"];
You don't need this. You have defined one line up allredy like hash string.
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
<?php if($_POST) {
$username = htmlspecialchars($_POST['username']);
$password = htmlspecialchars($_POST['password']);
$mysqli = new mysqli('localhost','root','','movie_posters');
$query = $mysqli->query("SELECT password FROM users WHERE username = '"$username"'");
} ?>
When I try this code on WAMP, I get error like; this http://i.stack.imgur.com/qcifR.jpg
What can I do ?
Do not use single and double quotes in your query.
This is the right way:
$query = $mysqli->query("SELECT password FROM users WHERE username = '$username'");
Otherwise, you will not print $username's value.
You have to put periods before and after you variable.
In your example:
$query = $mysqli->query("SELECT password FROM users WHERE username = '".$username."'");
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I have designed a registration form where users are being registered by there name and phone no. now i want a script so that there should be a cheak before registering any user, that wheather the phone number is already been registered or not, only if the user is new he can register into and his data will be filled in the database...
I hope you could do this using this method
if(isset($_POST['signup'])){
$user_name= $_POST['name'];
$phone = $_POST['phone'];
$check = mysql_query("SELECT * FROM users WHERE name='$user_name' AND phone='$phone'");
if( mysql_num_rows($check) ==0 ){
//User is not exist run INSERT Query here
}
else
{
//User is Exist
$exist = true;
exit;
}
}
I don't want to do all of your work for you, but I'll gladly point you in the right direction.
You can do a SELECT query on your users table with the desired username in the WHERE clause and you can use the mysql_num_rows($queryCallback) function in an if statement to see if there are one or more rows returned. If there are, then the process will be terminated and you can just send the user back with an error message.
Example:
SELECT * FROM Users WHERE username = "monkeyballs";
Returns 1 Row
if (mysql_num_rows($result) >= 1) {
return false;
//terminate the registration
} else {
//INSERT query and whatnot
}
Good luck!
I recommend you research MySQL functions in PHP or pick up a framework. CakePHP makes registration / logging in a breeze. Just my two cents for you.
You will have to query the database table holding info about the already registered users and see if that is already there:
eg:
$mysqli = new mysqli("localhost", "user", "password", "dbname");
if (mysqli_connect_errno()) {
printf("Connection failed: %s\n", mysqli_connect_error());
exit();
}
if ($query = $mysqli->query("SELECT id FROM users WHERE phone = '123456'")) {
if($result->num_rows == 0)
//register user
else
// send error message
}