Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I know I am doing something wrong but I really would like to know what it is. I can echo the
username of the session loggedin user using <?php echo $_SESSION['username']; ?>but I don't know why it doesn't work when I try to query database using the same technique. my codes below
I include this in the page
<?php
session_start();
$username=$_SESSION['username'];
?>
and here is the code that was suppose to display firstname and user_id of the sessions logged in user
<?php
$conn = new mysqli('localhost', 'root', 'browser', 'test');
if (mysqli_connect_errno()) {
exit('Connect failed: '. mysqli_connect_error());
}
$username = '$username';
$sql = "SELECT `user_id`, `firstname` FROM `members` WHERE `username`='$username'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo '<br /> user_id: '. $row['user_id']. ' - firstname: '. $row['firstname'];
}
}
else {
echo '0 results';
}
$conn->close();
?>
$username = '$username';
PHP variables inside single-quotes are not expanded. So now your variable is the literal string '$username', which undoubtedly won't match any user in your database.
You probably need to set $username = $_SESSION['username']; in your second PHP script.
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 1 year ago.
Improve this question
I am facing a problem when i am try to check user and password from database while login it keep
reply an error message :
Notice: Trying to get property 'num_row' of non-object in /Applications/XAMPP/xamppfiles/htdocs/studyact/login.php on line 27
User name or Password is incorrect, please check and try again.
i type user and password correct! enter image description here
php file :
<?php
//html
$user_staff = $_POST["user_staff"];
$pass_staff = $_POST["pass_staff"];
// Create connection
$servername = "localhost";
$username = "root";
$password = "";
$db ="studyact";
$con = new mysqli($servername, $username, $password,$db);
// Check connection
if ($con->connect_error) {
die("Connection failed: " . $con->connect_error);
}else{
$stmt =$con-> prepare("select * from loginstaff where user_staff = ?");
$stmt->bind_param("s",$user_staff);
$stmt->execute();
$stmtresult = $stmt->get_result();
if($stmtresult-> num_row > 0){
$data = $stmtresult-> fetch_assoc();
if($data["pass_staff"] === $pass_staff){
echo "<h2>Login Successfully</h2>";
}
else{
echo "<h2> Sorry User name or Password is incorrect.</h2>";
}
}else{
echo "<h2> User name or Password is incorrect, please check and try again.</h2>";
}
}
?>
You've got a typo on line 27
if($stmtresult->num_rows > 0)
mysqli_stmt::$num_rows — Returns the number of rows fetched from the server
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 7 years ago.
Improve this question
I have the next code, but it inserts two rows in the mysql database instead of one. Could ypu please take a look to the code?
Regards.
<?php
$name= $_POST['name'];
$password = $_POST['password'];
mysql_connect("localhost","username","mypass");
mysql_select_db("databaseName");
mysql_query($query ="insert into users(name,password) values ('$name','$password')");
if (mysql_query($query) === TRUE) {
echo "Record saved";
} else {
echo "Error";
}
?>
Don't call mysql_query() when you assign the $query variable. And remember to escape your data, since you're not using prepared statements.
mysql_connect("localhost","username","mypass");
$name = mysql_real_escape_string($_POST['name']);
$password = mysql_real_escape_string($_POST['password']);
$query ="insert into users(name,password) values ('$name','$password')";
if (mysql_query($query)) {
echo "Record saved";
} else {
echo "Error: " . mysql_error();
}
Dont use the mysql_query function twice,
you want to check it in if statement, then dont call it before if clause.
See this following code.
$query ="insert into users(name,password) values ('$name','$password')"
if (mysql_query($query) === TRUE) {
echo "Record saved";
} else {
echo "Error";
}
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Improve this question
I am trying to print out one column called Language1 from my Table that is called Mull, in a database called v6e.
At the moment i am getting a blank white screen.
<?php
session_start();
$servername = "localhost";
$user = "xxxx";
$password = "xxxx";
$dbname = "v6e";
// Create connection
$conn = mysqli_connect($servername, $user, $password, $dbname);
// Check connection
if (!$conn)
{
die("Connection failed: " . mysqli_connect_error());
}
else
{
$query = "SELECT Language1 FROM Mull WHERE username = 'Mull'";
$result = mysqli_query($query);
$row = mysqli_fetch_arrary($result);
echo $row['Language1'];
}
mysqli_close($conn);
?>
You have a typo issue. Change the line:
$row = mysqli_fetch_arrary($result);
With:
$row = mysqli_fetch_array($result);
Plus, you're also not connecting to DB with your query
$result = mysqli_query($conn, $query);
Reference:
http://php.net/manual/en/mysqli.query.php
You should also check for errors:
http://php.net/manual/en/mysqli.error.php
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I'm using PHP to display what is in my MySQL database in a table. I think it is working but the output is still "ERROR". I need to delete all records in a row.
<?php
require_once ('config.inc.php');
$id=$_POST['id'];
$sql = "DELETE `subject_information` WHERE `id`='$id'";
$result = mysql_query($sql);
if ($result)
{
echo "Deleted Successfully";
}
else
{
echo "ERROR!";
mysql_close();
}
?>
You forgot your FROM keyword. The proper syntax is:
DELETE FROM table_name
WHERE some_column=some_value;
So your code should be like this:
$sql = "DELETE FROM `subject_information` WHERE `id`='$id'";
you should change this line :
$sql = "DELETE `subject_information` WHERE `id`='$id'";
to
$sql = "DELETE FROM `subject_information` WHERE `id`='".$id."'";
First you should output the error that is returned from the database:
if ($result)
{
echo "Deleted Successfully";
}
else
{
echo mysql_error();
}
Second: the mysql_xxxx functions will be removed from PHP in future version. You should have a look at PDO to connect to your database
Syntax of your query has to be changed for deleting a row from table use following syntax
$sql = "DELETE FROM tablename WHERE id='$id'";
off topic, but please read http://php.net/manual/security.database.sql-injection.php
this type of query is vulnerable for SQL-Injections, because you don't check/quote your $id.
As a hint, these functions may help you:
mysql_real_escape_string
ctype_digit
is_numeric
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
This question appears to be off-topic because it lacks sufficient information to diagnose the problem. Describe your problem in more detail or include a minimal example in the question itself.
Improve this question
I'm working on a simple comment section for a website I'm working on, but there seems to be something awry with my code. Here's the form:
<?php
if($_SESSION['authenticated']) { //// if not logged show registration form
echo "<form name='comment' action='addcomment.php' method='get'>";
echo "<textarea name='CommentText'></textarea>";
echo "<input type='submit' value='Submit' />";
echo "</form><br><br>";}
else {
echo "Please log in to post.";
}
$res=mysqli_query($db, "SELECT * FROM comments");
$row = mysqli_fetch_array($res);
while ($row) {
echo '<p>from</p>';
$row = mysqli_fetch_array($res);
}
?>
And here's the PHP/SQL to add the form data to my database table (the table's named comments)
<?php $dbHost = 'cust-mysql-123-17';
$dbUser = 'user';
$dbPass = 'mypass';
$dbName = 'ollie';
$db = mysqli_connect( $dbHost, $dbUser, $dbPass, $dbName ) or die("Cannot connect");
$CommentText = $_GET['CommentText'];
$email = $_SESSION['authenticated'];
$res=mysqli_query($db, "INSERT INTO 'comments' (email, CommentText) VALUES('$email','$CommentText')");
if ($res){echo"<script lang='javascript' type='text/javascript'>
alert('Post successful');
window.location = 'forum.php';
</script>";}
else{
echo "alert('Post Failed');";
}
?>
Whenever I try to run it it shows the "post failed" alert I set up in the last if statement. Help?
remove quotes from the tablename - if you want to enclose it, use backticks ` (key below escape)
$res = mysqli_query($db, "INSERT INTO comments (email, CommentText) VALUES('$email','$CommentText')");
about security, i recommend you to learn about mysqli::real_espace_string on php.net