Query table from Session value - php

I am using $_SESSION['']; to get values from a user after they have logged in. This data is coming from the users table.
I am then trying to SELECT * FROM roster table by doing a query and assigning a var for each value when the users API=$API
error_reporting(E_ALL);
include ('database_connection.php');
$DOCSIGNEDBYIP = $_SERVER['REMOTE_ADDR'];
$API = $_SESSION['API'];
$FirstName = $_SESSION['firstname'];
$LastName = $_SESSION['lastname'];
$Email = $_SESSION['email'];
$ExecutionDate = date();
$query = "SELECT * FROM roster WHERE API='$API'";
$result = mysqli_query($dbc, $query);
$address = $result['address'];
database_connection.php
$dbc = #mysqli_connect(DATABASE_HOST, DATABASE_USER, DATABASE_PASSWORD,
DATABASE_NAME);
I am not getting anything. No errors.

You have to use mysqli_fetch_array() or mysqli_fetch_assoc() or similar function to return values from your mysqli_query() query. See below:
$query = "SELECT * FROM roster WHERE API='$API'";
$result = mysqli_fetch_array(mysqli_query($dbc, $query));
$address = $result['address'];

Related

I cant´t add data to my database

Godd night. I have this code for php to add data to my database but i dont get succes.
<?php
require("config.inc.php");
if (!empty($_POST)) {
$user = $_POST['User'];
$mail = $_POST['Mail'];
$token = $_POST['Token'];
$pass = $_POST['Pass'];
$result = mysqli_query($con,"SELECT 1 FROM Proteos where
User='$user'");
$row = mysqli_fetch_array($result);
$data = $row[0];
if($data==0){
echo $data;
echo "Hey, un grato saludo mister ".$user."!\n";
$query = "INSERT INTO Proteos (User, Mail ) VALUES ($user,$mail ) ";
}
mysqli_close($con)
And this is my config.inc
<?php
define('DB_SERVER','mysql.smartfreehosting.net');
define('DB_NAME','u178665800_prote');
define('DB_USER','u178665800_carin');
define('DB_PASS','xxxxxx');
$con = mysql_connect(DB_SERVER,DB_USER,DB_PASS);
mysql_select_db(DB_NAME,$con);
?>
Put your value in single quote And than execute query
$query = "INSERT INTO Proteos (User, Mail ) VALUES ($user,$mail ) ";
to
$query = "INSERT INTO Proteos (User, Mail ) VALUES ('$user','$mail') ";
And after that pass $query to mysqli_query like
mysqli_query($con,$query);
String values have to be passed in quotes. Also execute the query .
To debug use mysqli_error
$query = "INSERT INTO Proteos (User, Mail ) VALUES ('{$user}','{$mail}' ) ";
mysqli_query($con,$query);
or
mysqli_query($conn, $query) or die(mysqli_error($conn));
to connect with mysqli (ref) change in config.inc
$con = mysqli_connect(DB_SERVER,DB_USER,DB_PASS, DB_NAME);
You are inserting VARCHAR (string) data into Database without single quotes.
Data without single quotes is considered as either table/field names or integers or keywords.
Your entered data being none of these is causing errors.
Corrected SQL:
$query = "INSERT INTO Proteos (User, Mail ) VALUES ('$user','$mail') ";
<?php
require("config.inc.php");
if (!empty($_POST)) {
$user = $_POST['User'];
$mail = $_POST['Mail'];
$token = $_POST['Token'];
$pass = $_POST['Pass'];
$result = mysqli_query($con,"SELECT 1 FROM Proteos where
User='$user'");
$row = mysqli_fetch_array($result);
$data = $row[0];
if($data==0){
echo $data;
echo "Hey, un grato saludo mister ".$user."!\n";
mysqli_query($con,"INSERT INTO Proteos (User, Mail ) VALUES ('$user','$mail' ) ") or die(mysqli_error());
}
mysqli_close($con);
check above code, values are insert using 'var' like '$user','$mail'
any error shows in the query helps to find the code or die(mysqli_error())

PHP and SQL(Trying to update my database using submit button)

I am trying to update my feedback in my SQL database form with help of submit button but I'm unable to do so. Please help!
if (isset($_POST['submitreport']))
{
$dbCon = mysqli_connect("localhost","root","","Hun");
$report = strip_tags($_POST['report']);
$sql = "UPDATE Feedback SET report='$report' WHERE username='$username' AND date='$date' ";
$query = mysqli_query($dbCon, $sql);
}
<?php
if (isset($_POST['submitreport']))
{
$monthDayYear = date('m-d-Y');
$dbConnnection = mysqli_connect("localhost","root","","Hun");
$dbUsername = strip_tags($_POST['report']);
$sqlQuery = "UPDATE Feedback SET report='".$report."' WHERE username='".$username."' AND date='".$monthDayYear."'";
$queryExecute = mysqli_query($dbConnection, $sqlQuery);
}
?>
<?php
if (isset($_POST['submitreport']))
{
$dbCon = mysqli_connect("localhost","root","","Hun");
$username = 'test';
$report = strip_tags($_POST['report']);
$date = date('m-d-Y');
$sql = "UPDATE Feedback SET report='".$report."' WHERE username='".$username."' AND date='".$date."'";
$query = mysqli_query($dbCon, $sql);
}
?>

Can't sign up using my DB

I need to make a Sign in form for my website. And I have to use MySQLi because MySQL will cause decaprated on my try.
So, here's the index.php code:
<?php
session_start();ob_start();
$con=mysqli_connect("localhost","root","","oos");
if (mysqli_connect_errno()) echo "Failed to connect to MySQL: " . mysqli_connect_error();
if(isset($_POST['signin']))
{
$username = $_POST['userid'];
$pass = $_POST['password'];
$query1 = "select * from admintb where adID = '$username' and adPass = 'password' ";
$result1 = mysqli_query($con,$query1) or die;
$co=0;
while($row=mysqli_fetch_assoc($result1)) $co++;
if($co==1)
{
$_SESSION['a']=$username;
header("Location: main_menu.php");
}
} ?>
The problem is, when I make $username="admin" and $password = "admin", it will go to main_menu.php alright. But when I try to do as above, base on my database, it won't go to main_menu.php.
How can I sign in, go to the main_menu.php using ID from my database?
Sorry, I already checked it, it's a stupid mistake. Inside this snippet:
$username = $_POST['userid'];
$pass = $_POST['password'];
$query1 = "select * from admintb where adID = '$username' and adPass = 'password' ";
$result1 = mysqli_query($con,$query1) or die;
fix to this:
$query1 = "select * from admintb where adID = '$username' and adPass = '$pass' ";

mysqli_insert_id doesn't return anything

<?php
>here is database connection code
$connection = mysqli_connect($server_name,$user_name,$password,$database_name);
>the post variable comes from another page
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$birth_date = $_POST['birth_date'];
if($connection){
$insert = "insert into describee(first_name,last_name,birth_date)
values ('$first_name','$last_name','$birth_date')";
$execute_insert = mysqli_query($connection,$insert) or die("insert query error");
>here i want to select the lase inserted row from database to show it in textarea tag
if( !empty($first_name) && !empty($last_name) && !empty($birth_date) ){
$last_id = mysqli_insert_id();
$select = "select * from describee where id = $last_id";
$execute_select = mysqli_query($connection,$select) or die("select query error");
>$last_id doesn't hold any data so it return error in the select query.
?>
You're missing your connection to MySQL which should be passed as a parameter to mysqli_insert_id()
$last_id = mysqli_insert_id($connection);

How to get the user_id from mysql using procedural php?

I am an android/java developer and Im struggling with php.
I've made it as far as inserting a new user in the DB, now I want to get their ID.
What do I do with the result? I want to assign it to a variable.
$query = "SELECT user_id FROM users WHERE user_email = '" . $user_email . "'";
$result =
PS: Im using mysql, not mysqli.
EDIT: Here is what I did:
$query = "SELECT user_id FROM users WHERE user_email = '" . $user_email ."';";
$store_info = mysql_fetch_array(mysql_query($query));
$user_id = $store_info['user_id'];
$response["message"] = "User created with id: " . $user_id;
echo json_encode($response);
And the error message after inserting (successfully) the user in the db:
null{"success":3,"message":"User created with id: "}
I assume that your are using MySQLi API
$query = "SELECT user_id FROM users WHERE user_email = '$user_email'"; //Your Query
$store_info = mysqli_fetch_array(mysqli_query($connection, $query));
//Execute the query, fetch the result, it's just one result so no need for a while loop
echo $store_info['user_id']; //echo id
As per the comments, you requested a mysql_() version so here you go...
$query = "SELECT user_id FROM users WHERE user_email = '$user_email'"; //Your Query
$store_info = mysql_fetch_array(mysql_query($query));
//Execute the query, fetch the result, it's just one result so no need for a while loop
echo $store_info['user_id']; //echo id
Still consider using mysqli_() or PDO instead. Why? Because mysql_() is now deprecated, read the red box on the documentation page which says...
Refer this answer for PDO tutorial
Here is the PDO variant:
<?php
//credentials
$host = 'localhost';
$user = "user";
$password = '';
$db_name = 'test';
$port = 3306;
//connection to the database
try
{
$connection = new PDO("mysql:host=$host;port=$port;dbname=$db_name", $user, $password);
$connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch (PDOException $e)
{
echo 'Connection failed: ' . $e->getMessage();
}
//prepare and execute SELECT statement
$sth = $connection->prepare("SELECT user_id FROM users WHERE user_email = :email");
$sth->execute(array(':email' => $user_email));
$record = $sth->fetch(PDO::FETCH_ASSOC);
print $record["user_id"];
If you use mysql (but you shouldn't, it's deprecated) :
$result = mysql_query("SELECT user_id FROM users WHERE user_email = '$user_email'");
$row = mysql_fetch_row($result);
echo $row[0]; // you result (id)
Connection:
define("HOST","localhost");
define("USER","mysql_username");
define("PASS","password");
$conn = mysql_connect(HOST,USER,PASS) or die("<h3>Sorry, could not connect to MySQL. Please Try Again</h3>");
$db = mysql_select_db(DBNAME,$conn) or die("<h3>Sorry, could not connect to Database. Please Try Again</h3>")
Query:
$query = "SELECT user_id FROM users WHERE user_email = = '" . $user_email . "'";
$result = mysql_query($query);
$row=mysql_fetch_assoc($result);
Your error comes because of the error in SQL query: you used = operator twice:
$query = "SELECT user_id FROM users WHERE user_email = = '" . $user_email . "'";
Must be:
$query = "SELECT user_id FROM users WHERE user_email = '" . $user_email . "'";

Categories