I created an background working script, that updates my database table on a condition.
Here is my main script:
<?php
require_once('conn.php');
$query = "SELECT * FROM user WHERE id = '" . $_COOKIE['username'] . "'";
$data = mysqli_query($dbc, $query);
$row = mysqli_fetch_array($data);
if($row['ehp'] > $row['required_ehp']) {
// The 'ehp' column is greater than 'required_php'
$calc = $row['ehp'] % $row['required_ehp'];
$new = $row['required_ehp'] * 12;
$new_lvl = $row['level'] + 1;
$query2 = "UPDATE user set level = '$new_lvl', ehp = '$calc', required_ehp = '$new'";
mysqli_query($dbc, $query2);
echo 'query successful';
} else {
echo 'query unsuccessful' . mysql_error();
}
echo $row['ehp'] % $row['required_ehp'];
echo $row['required_ehp'];
?>
The error message I am getting from this script is:
query unsuccessful
Warning: Division by zero in H:\AppServ\www\sp\userlevel.php on line 21
I don't know what's is wrong. Please help me.
Here is the database column's image.
Since you see query unsuccessful, that means that the line if($row['ehp'] > $row['required_ehp']) is false.
In the line echo 'query unsuccessful' . mysql_error(); there is no mysql error, therefore you only see the line query unsuccessful.
Also you get the devision by 0 warning. This is caused by the line echo $row['ehp'] % $row['required_ehp'];. It seems $row['required_ehp'] is 0.
Summing this all up, perhaps the data you expect to be in $row is not what you are expecting. Maybe the cookie data is incorrect?
Also, putting the cookie data straight into the query is a horrible idea, and easily to hack.
Okay I found out my mistake it was just that in id in my database, I was searching for the username column. Sorry to bother you all.
Related
I want to take the value of a single MySQL cell and use it as a string inside PHP code - I already know the cell exists, where it is, and nothing else is needed. What's the easiest way to do this? All the examples I've found focus on using a loop to output multiple rows into a table, which seems needlessly complicated for my purposes.
Basically what I want to do is this:
require_once 'login.php'; // Connects to MySQL
$sql = "SELECT name FROM users WHERE id='1'"; // id is determined elsewhere
$result = mysqli_query($connect, $sql);
echo "Your name is " . $result;
But I get an error message that it's not a valid string.
You forgot to fetch record from $result using mysqli_fetch_assoc().
So you can fix your code this way:
$result = mysqli_query($connect, $sql);
while ($row = mysqli_fetch_assoc($result)) {
echo "Your name is " . $row['name'];
}
I recently converted a code block into a function so I can call it easily more than just once. My problem is that as soon as I related the block to a function it fails the SQL query every time. Here's my code block:
function checkEvent()
{
if(!empty($_GET['e']))
{
$sql = mysqli_query($link, "SELECT * FROM events WHERE EventID = '" . mysqli_real_escape_string($link, $_GET['e']) . "'");
if($sql && mysqli_num_rows($sql)==1)
{
if($row = mysqli_fetch_row($sql))
{
$eventid = $row[0];
$eventname = $row[1];
$desc = $row[2];
$time = $row[3];
echo $_GET['e'];
}
}
else
{
echo $sql;
$failure = "Num Rows Error encountered: " . mysqli_error($link) . " / Num Rows: " . mysqli_num_rows($sqlE);
}
}
}
Now, I've added echos in the relevant places to check and where it currently says echo $sql; if I change that to echo "Fail."; then it will indeed do that. I have tried to get the result as a number of rows and that comes back blank. I don't understand this as my EventID is an AUTO INCREMENT and as such HAD to start at 1. I've triple checked the first entry is 1 as well.
I'm probably not seeing something really obvious, I just can't understand why this code block stopped working the instant I placed a function block around it.
$link doesn't exist inside your function. You either need to pass that as a parameter to the function or skip it entirely and use the "current" DB connection.
"current" in quotes because while it should work just fine while you're utilising a single database connection for the entire process, as soon as you'd start using multiple connections (to connect to multiple databases,) this approach would fail terribly.
I really got a problem now. I tried for decades and I can't find why it is not working. I want to get the user that is logged in to see their email on a specific page. I tried a new code now and i get this error: Notice: Undefined variable: row in
The code I use is:
<?
$username = $_SESSION['username'];
$sql = "select * from users where username=" . $username . "";
echo $sql;
$query = mysql_query($sql);
while ($row = mysql_fetch_array($query)) {
}
?>
AND
<?php echo $row['email']; ?>
<?php
$username = $_SESSION['username'];
$query = mysql_query("select * from users where username='".$username."'");
while ($row = mysql_fetch_array($query)) {
$email=$row["email"];
}
echo $email;
?>
try this.
don't use mysql_* functions
I think... Problem is in SQL query. I propose your column "username" is something like VARCHAR(50). So you have to add quote.
$sql = "select * from users where username='" . $username . "'";
I see a bug, and a design problem.
You've designed your script so that you're printing whatever was last assigned to $row in the condition of your while loop.
You're getting the error because the query is not returning anything and the loop is not running. Therefore, $row is never assigned. That being said, you probably don't want to use a while-loop if all you're trying to do is display the value of the "email" column in the first record returned. If you did want to, then stop it.
Call mysql_fetch_assoc() on your $result (doesn't return as much data), and check that it doesn't return FALSE (one or more records weren't found).
if((row = mysql_fetch_assoc($result)) === false)
die("Error.");
?>
Email:
I have a little test project set up so that when you click a wolves's name, it takes them to a page that I want to use to personalize information concerning whichever wolf they clicked on. The page is called wolf.php. I'm trying to using passing variable the $_GET method to assign the URL the wolves id, i.e www.testsite.com/wolf.php?id=1 but the page then displays nothing even though I do not get an error.
Here's the home page (home.php)
<?php
$username = $_SESSION['username'];
$result = #mysql_query("SELECT * FROM wolves WHERE owner = '$username'");
while($wolf = mysql_fetch_array($result))
{
echo "<a href= wolf.php?id=$wolf[id]>$wolf[name]</a>";
};
?>
Clicking this link takes me to www.testsite.com/wolf.php?id=1 (or whatever the id was). On wolf.php I have this:
<?php
$id = $_GET['id'];
$result = #mysql_query("SELECT name FROM wolves WHERE id = '$id'") or die("Error: no
such wolf exists");
echo .$result['name'].
;
?>
I'm not sure where I went wrong but this doesn't seem to be working. No information regarding the id of the wolf shows up. Thanks for help in advance.
Turn on error reporting with error_reporting(E_ALL); ini_set('display_errors', 1); in development so you see the fatal syntax errors in your code. It is also recommended to remove # error suppression operator from your mysql_*() calls.
You have syntax problems on the last line. Unexpected . concatenation operators:
// Wrong:
// Parse error: syntax error, unexpected '.'
echo .$result['name'].
;
// Should be:
echo $result['name'];
Next, you have not fetched a row from your query:
// mysql_query() won't error if there are no rows found. Instead you have to check mysql_num_rows()
$result = mysql_query("SELECT name FROM wolves WHERE id = '$id'") or die("Query error: " . mysql_error());
// Zero rows found, echo error message.
if (mysql_num_rows($result) < 1) {
echo "No such wolf.";
}
else {
// Row found, fetch and display.
$row = mysql_fetch_assoc($result);
echo $row['name'];
}
Note that this script is wide open to SQL injection. At a minimum, call mysql_real_escape_string() on your query input variables.
$id = mysql_real_escape_string($_GET['id']);
Ultimately, think about using PDO or MySQLi instead of the old mysql_*() functions, as they support prepared statements for greater security over manually escaping variables. The mysql_*() functions are planned for deprecation.
Firstly need fetch a result row.
Variant 1 - associative array (values are avialable as field names)
$result = mysql_fetch_assoc($result);
echo $result['name'];
Variant 2 - enumerated array (by index, started from zero)
$result = mysql_fetch_row($result);
echo $result[0];
<?php
$username = $_SESSION['username'];
$result = #mysql_query("SELECT * FROM wolves WHERE owner = '$username'");
You forgot the session_start(); at the begining. $username is "" and the sql maybe is returning 0 records.
In your second snippet you can't treat $result like it's an array; it's a resource identifier. To get an array, do:
$row = mysql_fetch_assoc($result);
echo $row['name'];
Also read about SQL injection vulnerability.
Hey guys, Im doing a series of if statements based on a session variable that is set (which looks at a value in the DB and then decides whether to empty the session, or name it. However I'm having problems in that the session is always named, regardless of whether the record in the database is '0' or not. The query works fine when run in mysql. Here's the code:
session_start();
$_SESSION['MemberType'] = '';
mysql_select_db($database_choices, $choices);
$query = "Select lifemember from registrants where username = '" . $_SESSION[kt_login_user] . "'";
$result = mysql_query($query) or die ("Error in query: $query. ".mysql_error());
while($row = mysql_fetch_array($result))
{
if ($row['lifemember'] == '1')
{
$_SESSION['MemberType'] = 'LifeMember';
}
else if($row['lifemember'] == '0')
{
$_SESSION['MemberType'] = '';
}
}
Precheck: If you are getting any 'Headers already sent...' then you have some output already on the page which is preventing the setting of session.
Otherwise try debugging steps like:
1) Do an echo $row['lifemember'] inside the while loop so that you know REAL value of what's been fetched from DB.
2) In else block, change it to $_SESSION['MemberType'] = 'Hello'; Then see, whether Hello is printed or not?