I have a database which stores data. How can I view data in my database with the same username as my session? What I have tried is below. There is a session and the username is uploading in each row in the database.
This is what I'm trying to do: say I logged in as jack I typed data in and sent it to the database. It saves the name as jack and then only views the results with jack. But it is saying 0 results. Why?
<?php
session_start();
if (isset($_SESSION['username'])) {
$username = $_SESSION['username'];
echo "$username";
}
$servername = "localhost";
$username = "root";
$password = "root";
$dbname = "score";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT id, name, description FROM all_scores WHERE username = '".$username."' ORDER BY id DESC LIMIT 5";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "<p></p>";
echo "". $row["name"]. "";
echo "<p>". $row["description"]. "</p>";
}
} else {
echo "0 results";
}
$conn->close();
?>
you have two mistakes
1- SQL syntax error, correct syntax is
$sql = "SELECT id, name, description FROM all_scores WHERE username = '".$username."'";
2- the variable $username is overwritten by the username of the database
try this:
$sql = "SELECT id, name, description FROM all_scores WHERE username = '".$_SESSION['username']."'";
Related
This question already has answers here:
Single result from database using mysqli
(6 answers)
Closed 5 months ago.
I am trying to retrieve some value from a column in the database.
The idea is to retrieve the IP of the person, then check their country, after that check the database if the country is blacklisted or not. There seems to be something wrong in the code, may you please give an advise?
This is the code:
<?php
//Get IP and country name
$ip=$_SERVER['REMOTE_ADDR'];
$details = json_decode(file_get_contents("https://get.geojs.io/v1/ip/country/$ip.json"));
$country=$details->name;
$servername = "localhost";
$username = "My_Username";
$password = "My_password";
$dbname = "Database_name";
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT country_name FROM uni_country";
$result = $conn->query($sql);
if (strpos($result, $country) == true) {
echo $country ." " . "is banned";
} else {
echo "Your country is not banned";
}
$conn->close();
?>
When I run it, it shows "Your country is not banned" - when it should actually say that my country is banned (I added a country to the database to test this).
The issue seems to be with reading the data from the database.
If I do echo $country; --> It actually shows my country, so it is retrieving it correctly (from geojs.io). But the code is not pulling the data from the database and verifying it.
Update:
If I do echo $result; the page returns Error 500.
Update
tried this new code, now it's saying that the country is not in the database, although it is actually there.
<?php
$ip=$_SERVER['REMOTE_ADDR'];
$details = json_decode(file_get_contents("https://get.geojs.io/v1/ip/country/$ip.json"));
$country=$details->name;
$conn = mysqli_connect("localhost", "database", "password", "username");
$query = mysqli_query("SELECT * FROM `uni_country` WHERE country_name = '$country'");
if(mysqli_num_rows($query)>0) {
echo "Country Is in the database";
}
else {
echo "Country is not in the database";
}
?>
After trying for hours, this is the correct code:
<?php
$ip=$_SERVER['REMOTE_ADDR'];
$details = json_decode(file_get_contents("https://get.geojs.io/v1/ip/country/$ip.json"));
$country=$details->name;
// Create connection
$servername = "localhost";
$username = "MyUsername";
$password = "MyPassword";
$database = "MyDatabase";
$conn = new mysqli($servername, $username, $password, $database);
$sql = "SELECT * FROM uni_country WHERE country_name ='$country'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "You country is currently banned.";
}
} else {
echo "Your country is not banned!";
}
?>
here am trying to get username and password from the database and if their result is found then redirect to some page but mysqli_num_rows returns 0 always i dunno why `
if (isset($_POST['login'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$query = "SELECT * FROM `login` WHERE username = '$username' AND password = '$password'";
$run = mysqli_query($con,$query);
if (mysqli_num_rows($run) == 1) {
header("location: login.php");
}}?>
`
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "ornament"; // My local DB Name
$conn = mysqli_connect($servername, $username, $password, $dbname);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$username = "test"; // $_POST["username"] value
$password = "test"; // $_POST["password"] value
$sql = "SELECT * FROM `ornament` WHERE username = '$username' AND password = '$password'";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) == 1) {
echo "correct";
} else {
echo "wrong";
}
mysqli_close($conn);
?>
</body>
</html>
OUTPUT:
correct
I have a database name and table name are same, But for me it's working fine.
NOTE: Please check the whether you are using correct password while getting from POST.
Any how you got a solution, Have a great day
Thanks
Muthu
I was trying to make a page where you can log in and then change your nickname or/and password. Everything in mySQL database, but when I try to save the id to session variable, it doesn't work. Any suggestions?
I am using XAMPP, users is my table in database users, I'm not posting login form code, because it's very simple.
Everything is connected, code doesn't give any warnings or errors.
login.php (fragment):
$sql = "SELECT * FROM users WHERE nickname = '$myusername' and pass = '$mypassword' and confirmed = 1";
$result = mysqli_query($conn,$sql);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1) {
$logged = true;
while($row = mysqli_fetch_assoc($result)) {
echo "id: " . $row["id"];
$_SESSION['currentId'] = $row["id"];
echo 'Id: ' . $_SESSION['currentId'];
}
}else {
$error = "Your Login Name or Password is invalid";
}
}
change.php (whole):
<?php
session_start();
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "Users";
$currentId = $_SESSION['currentId'];
if($currentId<1){echo 'No Id.';}
else {echo 'CurrentId: ';
echo $currentId;}
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
echo "Connected successfully <br>";
if($_SERVER["REQUEST_METHOD"] == "POST") {
// username and password sent from form
$aCUname = mysqli_real_escape_string($conn,$_POST['CUname']);
$aCUpass = mysqli_real_escape_string($conn,$_POST['CUpass']);
$sql = "UPDATE users SET nickname = '$aCUname', pass = '$aCUpass' WHERE id = '$currentId';";
$result = mysqli_query($conn,$sql);
echo 'Updated successfully.';
}
?>
Thanks for help.
I got a solution. I just had to delete
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
from login.php. Thanks to #Shashikumar Misal !
So in my users table there are 5 columns. Id, username, password, email and money.
The money column is an int which is supposed to show how much money that user has. (I'm making a game).
I'm trying to make a script which displays how much money the user in the current session has, but my script displays the money for every user.
My code:
<?php session_start(); ?>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "database4";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT * FROM users";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo $row['money'];
}
} else {
echo "You have no items yet!";
}
$conn->close();
?>
How would I do this?
You've missing where clause in your select query.
it would be something like:
$sql = "SELECT * FROM users WHERE id='{$_SESSION['user_id']}'";
$result = $conn->query($sql);
You just need to replace $_SESSION['user_id'] with the user id you are storing while user gets logged in.
EDIT:
Make sure you have session_start(); where page starts, additionally you may create unique index on email column in users table.
$sql = "SELECT * FROM users WHERE email='{$_SESSION['email']}'";
$result = $conn->query($sql);
The website has a login system, however when a user logs into the website I simply want their details to appear on the next page. This is my code I so far. Problem is, I only want to display the logged in users details, not all the databases details.
<?php $servername = "localhost"; $username = "root"; $password = ""; $dbname = "loginsystem";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT id, firstname, lastname FROM members";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
echo "<table><tr><th>ID</th><th>Name</th></tr>";
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<tr><td>" . $row["id"]. "</td><td>" . $row["firstname"]. " " . $row["lastname"]. "</td></tr>";
}
echo "</table>";
} else {
echo "0 results";
}
$conn->close();
?>
LOG IN SYSTEM
<?php
session_start();
if (isset($_POST['username'])) {
include_once("dbConnect.php");
// Set the posted data from the form into local variables
$usname = strip_tags($_POST['username']);
$paswd = strip_tags($_POST['password']);
$usname = mysqli_real_escape_string($dbCon, $usname);
$paswd = mysqli_real_escape_string($dbCon, $paswd);
$sql = "SELECT id, username, password FROM members WHERE username = '$usname' AND activated = '1' LIMIT 1";
$query = mysqli_query($dbCon, $sql);
$row = mysqli_fetch_row($query);
$uid = $row[0];
$dbUsname = $row[1];
$dbPassword = $row[2];
// Check if the username and the password they entered was correct
if ($usname == $dbUsname && password_verify($paswd,$dbPassword)) {
// Set session
$_SESSION['username'] = $usname;
$_SESSION['id'] = $uid;
// Now direct to users feed
header("Location: MemberDetails.php");
} else {
echo "Oops that username or password combination was incorrect.
<br /> Please try again.";
}
}
?>
Add
session_start();
to the top of the page and then on the next page as well and then you will be able to carry over those variables once they are set.
For example:
$_SESSION['user'] = $_POST['user'];
Then on the next page call:
echo $_SESSION['user'];
You first have to implement the user login part. and after that, get the specified user id or login credentials and use that in your query.
In your LOG IN SYSTEM file, put session_start(); before including the db connection.
Then in the member details page do this:
session_start(); //put this on the first line.
Then your query will now look like below:
<?php
$servername = "localhost"; $username = "root"; $password = ""; $dbname = "loginsystem";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$user_id = $_SESSION['id'];
$sql = "SELECT user_id, firstname, lastname FROM members WHERE user_id = ".$user_id;
$result = $conn->query($sql);
if ($result->num_rows > 0) {
echo "<table><tr><th>ID</th><th>Name</th></tr>";
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<tr><td>" . $row["id"]. "</td><td>" . $row["firstname"]. " " . $row["lastname"]. "</td></tr>";
}
echo "</table>";
} else {
echo "0 results";
}
$conn->close();
?>
Database structure