Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
<form action = "index.php" method = "post">
username : <input type = "text" name = "uname" /><br>
password : <input type = "text" name = "pass" /><br>
submit : <input type = "submit" name = "submit" value = "submit" />
</form>
<?php
if(isset($_SESSION['id'])){echo $_SESSION['id'];}
if(isset($_POST['submit'])){
if ($_POST['submit'] == 'submit'){
$uname = $_POST['uname'];
$pass = $_POST['pass'];
$db = "davidedwardcakes";
$connect = mysql_connect('localhost', 'root', 'wtfiwwu');
$db_connect = mysql_selectdb($db, $connect);
if(!$db_connect){echo 'no';}
$query = "SELECT * FROM `users` WHERE uname ='$uname' AND pass = '$pass'";
$result = mysql_query($query, $connect);
if(mysql_num_rows($result) > 0){//echo 'index failed'; var_dump($result);}
while($row = mysql_fetch_array($result)){echo $row['uname']
. "<br>";
session_start();
echo 'peruse';
$_SESSION['id'] = $row['id'];}}
else{echo 'lol'; var_dump($query);}}
Whenever I want to login, i get the error:
string 'SELECT * FROM users WHERE uname ='brown' AND pass = 'kenji'' (length=61)
meaning that theres a problem with my $query. If I remove the $pass query from $query it works fine but doesn't when it is included. Can anybody help please.
Let me convert your code to MySQLi at least. MySQL is already deprecated.
<?php
/* ESTABLISH CONNECTION */
$connect=mysqli_connect("YourHost","YourUsername","YourPassword","YourDatabase"); /* REPLACE NECESSARY DATA */
if(mysqli_connect_errno()){
echo "Error".mysqli_connect_error();
}
/* REPLACE THE NECESSARY POST DATA BELOW AND PRACTICE ESCAPING STRINGS BEFORE USING IT INTO A QUERY TO AVOID SOME SQL INJECTIONS */
$uname=mysqli_real_escape_string($connect,$_POST['username']);
$pass=mysqli_real_escape_string($connect,$_POST['password']);
$query = "SELECT * FROM `users` WHERE uname ='$uname' AND pass ='$pass'";
$result = mysqli_query($connect,$query); /* EXECUTE QUERY */
if(mysqli_num_rows($result)==0){
echo 'login failed';
var_dump($result);
}
else {
while($row = mysqli_fetch_array($result)){
echo $row['uname'];
} /* END OF WHILE LOOP */
echo 'Successfully Logged-in.';
var_dump($query);
} /* END OF ELSE */
?>
Related
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 3 years ago.
Improve this question
I'm trying to assign the value of $data['id'] to a variable like this:
$totalfor = $data['id'];
but this is not working, the value is not passing to $totalfor
If i echo $data['id'], it gives the right value which is 85
i need the value of $data['id'] to use it into a Select query
Anyone know the correct syntax to achieve this ?
Thanks
Here is the code:
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
$jury = get_active_user('accountname');
$totalfor = $data['id'];
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT total AS total FROM votestepone WHERE votefor = '$totalfor' AND votedby= '$jury'";
$result = $conn->query($sql);
if ($result = mysqli_query($conn, $sql)) {
while ($row = mysqli_fetch_assoc($result)) {
$totalvote = $row["total"];
}
} else {
echo "0 results";
}
?>
<?php echo $totalvote; ?>
The error is : Undefined variable: totalvote
If i set
$totalfor = 85; --> it works
but i need to use the value coming from $data['id'];
I'm in a view page and $data['id'] is coming from:
$data = $this->view_data;
if I <?php echo $data['id']; ?> it show 85
mysqli_query returns false when there is an error not if there are no results. The error says $totalvote is undefined, not $totalfor so the query didn't find a single result.
var_dump($sql) and make sure the query is correct and it really does fetch a result row when run against your database.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 4 years ago.
Improve this question
I am trying to save multidimensional array in database using json_encode. if i echo json string its showing right output but in database string is changed after insert.
here is my code:
$email=$_POST['email'];
$watchlist=$_POST['watchlist'];
$watchshow=$_POST['watchshow'];
$yearshow=$_POST['yearshow'];
$quer = "SELECT email FROM users WHERE email = '$email'";
$q = mysqli_query($conn, $quer);
$count=0;
while($row = mysqli_fetch_array($q)){
$email = $row['email'];
$count++;
}
if($count==1) //if user already exist change greeting text to "Welcome Back"
{
$quer = "SELECT watchlist FROM users WHERE email = '$email'";
$q = mysqli_query($conn, $quer);
while($row = mysqli_fetch_array($q)){
$watch = $row['watchlist'];
}
$data = json_decode($watch, TRUE);
array_push($data,$watchlist);
$add=array();
array_push($add,$watchshow);
array_push($add,$yearshow);
$data[] = $add;
$t = json_encode($data , JSON_FORCE_OBJECT);
$sql = "update users set watchlist='$t' WHERE email='$email'";
if ($conn->query($sql) === TRUE) {
echo'updated';
} else {
echo'error';
}
}
else {
$new=array();
array_push($new,$watchlist);
$add=array();
array_push($add,$watchshow);
array_push($add,$yearshow);
$new[] = $add;
$name = json_encode($new);
$sql1 = "INSERT INTO users (email,watchlist)
VALUES ('$email','$name')";
if ($conn->query($sql1) === TRUE) {
echo 'success';
} else {
echo "Error: " . $sql1 . "<br>" . $conn->error;
}
}
if i echo $name output is
{"0":{"0":"Stranger Things","1":2017}}
but after insert it's showing this in database
{"0":"Stranger Things","1":{"0":"Stranger Things","1":"2017"}}
what i am doing wrong here?
You placed echo to unnecessary variable somewhere in your code thats why it prints name 2 times.. check it properly and remove it.
{"0":"Stranger Things","1":{"0":"Stranger Things","1":"2017"}}
This is happening most probably due to $new[] = $add; when you are using Loop and passing some value inside $new[i].
In first Loop its proper {"0":"Stranger Things","1":2017}
Now in second loop when i will be 1.
So, in position of 1 , {"0":"Stranger Things","1":2017} this is getting inserted again and making final array as {"0":"Stranger Things","1":{"0":"Stranger Things","1":"2017"}}
Show the complete code as it is, to identify the error.
As per the code you have provided, output must be correct.
$email= "abc#gmail.com";
$watchshow="Stranger Things";
$yearshow= 2017;
$new=array();
$add=array();
array_push($add,$watchshow);
array_push($add,$yearshow);
$new[] = $add;
$add=array();
array_push($add,$watchshow);
array_push($add,$yearshow);
$new[] = $add;
echo $name = json_encode($new, true);
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 6 years ago.
Improve this question
I am trying for user login and registration forms in Android. From past 5 days, I am trying it. I am not able to get it. Can anyone help me please? This is my code user_control.php. I am including the connection.php in user_control.php.
<? php
class user {
private $db;
private $connection;
/* The below one is the consttructor*/
function __construct() {
header('Content-Type: application/json'); /* used for including json format*/
require_once 'connection.php';
$this->db = new DB_Connection();
$this->connection = $this->db->get_connection();
}
public function does_user_exist($email,$password) {
$query = "Select * from userss where email ='$email' and password = '$password'";
$result = mysqli_query($this->connection,$query);
if(mysqli_num_rows($result) > 0){
$json['success'] = 'welcome'.$email;
echo json_encode($json);
mysqli_close($this->connection);
} else {
$query = " Insert into userss(email,password) values ('$email','$password')";
$is_inserted = mysqli_query($this->connection, $query);
if($is_inserted == 1) {
$json['success'] = 'Account created, welcome '.$email;
} else {
$json['error'] = 'Wrong password';
}
echo json_encode($json);
mysqli_close($this->connection);
}
}
}
$user = new user();
if(isset($_POST['email'],$_POST['password'])) {
$email = $_POST['email'];
$password = $_POST['password'];
if(!empty($email) && !empty($password)) {
$encrypted_password = md5($password);
$user -> does_user_exist($email,$encrypted_password);
} else {
echo json_encode("You must fill both fields");
}
}
While I am running with postman software by Chrome I am getting the error as I am getting syntax error:
unexpected 'header' (T_STRING) in http://localhost:80/opt/lampp/htdocs/user_control.php
Remove the space in your line 1. Should looks like:
<?php
Try to comment:
//header('Content-Type: application/json'); /* used for including json format*/
Source: https://stackoverflow.com/a/20620606/2381906
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
This is the script that uses the "login" function and it returns two variables, how come in here when I try to take them from the sanitize function to the "login" function it doesn't work
index.php
<?php
if(!empty($_POST['submit']))
{
include("check.php");
$class = new check;
$user = $_POST['username'];
$pass = $_POST['password'];
$results = $class->sanitize($user, $pass);
$class->login($results[0], $results[1]);
//$class->login($user, $pass);
}
?>
check.php
function sanitize($string, $string2)
{
$stringh = htmlentities($string);
$string1h = htmlentities($string2);
$stringht = trim($stringh);
$string1ht = trim($string1h);
return $stringht;
return $string1ht;
}
function login($user, $pass)
{
$result = $this->link->query("SELECT * FROM `login` WHERE `username` = '".$user."'");
$numbers = mysqli_num_rows($result);
if($numbers != 0)
{
while($row = mysqli_fetch_assoc($result))
{
$dbuser = $row['username'];
$dbpass = $row['password'];
}
if($dbuser == $user && $dbpass == $pass)
{
echo "You have a match.";
}
}
}
You can only return 1 variable from a function. If you need two, wrap them in an array, giving you one object being returned.
return array($stringht, $string1ht);
However, a better solution may be to make your sanitize accept one input and have one output, and just call it twice, once for each string.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 9 years ago.
Improve this question
I'm trying to extract this data into a while loop and its literally returning nothing at all, any ideas whats wrong?
Code:
<?php
if(isset($_GET['id'])){
require('include/db.php');
require('include/init.php');
if(isset($_GET['id']) && is_numeric($_GET['id'])){
$userid = $odb->real_escape_string($_GET['id']);
$result3 = $odb->prepare("SELECT * FROM users where ID = :id");
$result3->bindValue(":id", $userid);
$result3->execute();
while($row3 = $result3->fetch_array(MYSQLI_ASSOC)){
$username=$row['username'];
$email=$row['email'];
$rank=$row['rank'];
$membership=$row['membership'];
$expire=$row['expire'];
$status=$row['status'];
echo "
Username: ".$username."<br />
Email: ".$email."<br />
Rank: ".$rank."<br />
Membership: ".$membership."<br />
Expire: ".$expire."<br />
Status: ".$status."<br />
";
}
} else {
echo "You did not enter an ID!";
}
?>
If you need any information let me know!
Since you are using PDO, some functions have to be updated. Instead of mysql_escape_string(), you can just prepare and bind the value and PDO will escape everything. Also fetch_array() should be fetch() and MYSQLI_ASSOC should be PDO::FETCH_ASSOC.
<?php
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
if($id) {
require('include/db.php');
require('include/init.php');
// Prepare && Binding will take care of escaping the string
$result = $odb->prepare("SELECT * FROM users where ID = :id");
$result->bindValue(":id", $id);
$result->execute();
while($row = $result->fetch(PDO::FETCH_ASSOC)) {
$username = $row['username'];
$email = $row['email'];
$rank = $row['rank'];
$membership = $row['membership'];
$expire = $row['expire'];
$status = $row['status'];
echo "
Username: ".$username."<br />
Email: ".$email."<br />
Rank: ".$rank."<br />
Membership: ".$membership."<br />
Expire: ".$expire."<br />
Status: ".$status."<br />
";
}
} else {
echo "You did not enter an ID!";
}
?>