I'm using PHP to build a login form, and one part of the form validation is checking whether or not the user is "active," which is an integer in the mysql table users that will be equal to 0 or 1(1 being an activated). In my current setup, the user can't login if they don't have an active account. My first attempt to implement this was:
//This code won't work because the query is an object, not an integer.
elseif(mysqli_query($connection, "SELECT COUNT('ID') FROM users WHERE username='$usernamelogin' AND 'active'='1'") < 1) {
echo('Account not activated. ');
}
But that was not working, because the result is an object, not an int. So, I searched for how to solve this problem, and was given the following solution.
//if 1, account is active, if 0, account is inactive
$result = mysqli_query($connection, "SELECT COUNT('ID') FROM users WHERE username='$usernamelogin' AND 'active'='1'");
$row = mysqli_fetch_assoc($result);
$booly = ($row != 1) ? 1 : 0;
echo $booly;
This code, however, only gives an answer of 1, even when I would expect it to give a 0. Where have I gone wrong? What other methods could I use to implement this feature?
UPDATE:
I was indeed incorrectly using single quotes instead of backticks, so I tried implementing all of the following variations (I believe the first one to be correct, but tried all the others when it didn't work). None of them have changed my results.
"SELECT COUNT(`ID`) AS count FROM users WHERE username='$usernamelogin' AND 'active'='1'"
"SELECT COUNT(`ID`) FROM users WHERE username='$usernamelogin' AND active='1'")
"SELECT COUNT(`ID`) AS count FROM users WHERE 'username'='$usernamelogin' AND 'active'='1'"
"SELECT COUNT(`ID`) FROM users WHERE 'username'='$usernamelogin' AND 'active'='1'")
"SELECT COUNT(`ID`) AS `count` FROM `users` WHERE `username`='$usernamelogin' AND `active`='1'"
"SELECT COUNT(`ID`) FROM `users` WHERE `username`='$usernamelogin' AND `active`='1'")
I tried these as well, to no avail:
mysqli_query($connection, "SELECT COUNT(`ID`) FROM users WHERE username=$usernamelogin AND `active`='1'");
mysqli_query($connection, "SELECT COUNT(`ID`) FROM users WHERE username=$usernamelogin AND active='1'");
SOLUTION:
The solution implemented into the code:
$result = mysqli_query($connection, "SELECT COUNT(`ID`) AS count FROM users WHERE username='$usernamelogin' AND `active`='1'");
$row = mysqli_fetch_assoc($result);
if($row['count'] == true) {
echo('account not active'); }
Try this:
$result = mysqli_query($connection, "SELECT COUNT(`ID`) AS count FROM users WHERE username='$usernamelogin' AND `active`='1'");
$row = mysqli_fetch_assoc($result);
var_dump($row['count'] < 1);
Edit:
Changed single quotes to back quotes.
You have single quotes around ID field - so it's a string.
Try removing them or using ` marks around field identifier like this:
SELECT COUNT(`ID`) FROM users
You also have single quotes around the variable inserted into SQL so final fix would be:
"SELECT COUNT(`ID`) FROM users WHERE username=$usernamelogin AND `active`='1'"
Related
So far, I am trying to limit the user from liking a certain post more than once. The problem is that when I click "like" on a certain post, the like count will go up every time I click the link, even though it should be limited to just one.
This is the user.php file:
echo "<a href='likes.php?id=$row[0]'>$row[6]</a>";
The "id=$row[0]" indicates to the id_post column in the database. "$row[6]" is the column in the database which shows the like count.
Here is the likes.php file:
<?php
include 'db.php';
connect();
$id = $_GET['id'];
$sql1 = "SELECT * FROM posts";
$result1 = mysqli_query($link, $sql1) or die(mysqli_error($link));
$row = mysqli_fetch_row($result);
if ($row[6] == 0) {
$sql2 = "UPDATE posts SET likes = likes + 1 WHERE id_post = '$id'";
$result2 = mysqli_query($link, $sql2) or die(mysqli_error($link));
}
if ($row[6] == 1) {
exit(header("Location: user.php"));
}
header("Location: user.php");
?>
What's the problem with my code?
SELECT * FROM posts
Your query is selecting all rows from the posts table, and not filtering based on the ID in your $id variable.
Try changing your query to:
SELECT * FROM posts WHERE COLUMN_NAME = '$id'
This way $row[6] will refer to the correct ID in your posts table.
I am trying to pass a variable to a very basic mysql query. but php doesnt return a true value. nothing.
i have checked everything
the problem is here.
the syntax of $a varible typing into mysql query
$result = mysql_query("SELECT id,floatingnumber FROM posts WHERE id='$a' LIMIT 1");
when i change $a to 22 it returns a value otherwise nothing.
exact query is here...
$a=$this->post_id;
$result = mysql_query('SELECT floatingnumber FROM posts WHERE id="'.$a.'" LIMIT 1')or die(mysql_error());
$row = mysql_fetch_row($result);
$sdfa=$a.'-'.$row[0];
$sdfa returns "86 - " without quotes 86 - space
so the problem is on the mysql fetch row please help
Have you tried echoing the query to see what the real value of $a is?
echo "SELECT id,floatingnumber FROM posts WHERE id='$a' LIMIT 1";
Have you tried checking for errors?
$result = mysql_query("SELECT id,floatingnumber FROM posts WHERE id='$a' LIMIT 1") or die(mysql_error());
Also, you shouldn't even be using mysql_* as it's deprecated.
This is how you'd do it in PDO:
$stmnt = $db->prepare("SELECT id,floatingnumber FROM posts WHERE id=:id LIMIT 1");
$stmnt->bindValue( ':id' , $a , PDO::PARAM_INT );
$stmnt->execute();
$result = $stmnt->fetchAll(PDO::FETCH_ASSOC);
typically when I'm writing in double quotes, simply putting in the variable works:
"... $1 ..."
but also, I originally learned it with brackets
"... {$1} ..."
you can try that. also, a handy way to write queries is store the query string in its own variable so you can easily print out the query and see what you wrote before submitting.
$query = "SELECT id,floatingnumber FROM posts WHERE id=$a LIMIT 1";
$result = mysql_query( $query );
This helps identify things like this.
try this
$result = mysql_query("SELECT id,floatingnumber FROM posts WHERE id='".$a."' LIMIT 1");
if your $a is a number then do like that
$result = mysql_query("SELECT id,floatingnumber FROM posts WHERE id= $a LIMIT 1");
EDIT :
your code is right
$row = mysql_fetch_row($result);
$sdfa=$a.'-'.$row[0];
the problem is in your sql or table because there is no floatingnumber where id is 86 .
i got a point system that are like people can upgrade to [PRO1] user. everyones rights(pro1,pro2,user) are stored in my mysql users table. But i want to make a little feed, that shows the latest one that upgraded to [PRO1]. the upgrade code:
$insert = "UPDATE `users` SET `points` = (`points`-50) WHERE `username` = '".$username."' and points > 50";
mysql_query($insert);
if (mysql_affected_rows() > 0)
{
// other codes
$insert = "UPDATE users SET rights=' [PRO1]' WHERE `username` = '".$username."'";
mysql_query($insert);
header('location: succesupgrade.php');
}else{
echo "You don't have enough points";
}
?>
the upgrade code works fine(just incase i need to add a time/date. and tha code for where i want the"'username' wast the last to upgrade to [PRO1]" is in this code:
<?php
require("dbc.php");
$query = mysql_query("select * from users WHERE rights='[PRO1]' order by right DESC limit 1") or die(mysql_error());
while($array = mysql_fetch_array($query)) {
echo "{$array['username']}<br>";
}
?>was the last to upgrade to:
<?php
require("dbc.php");
$query = mysql_query("select * from users WHERE rights='[PRO1]' order by rights DESC limit 1") or die(mysql_error());
while($array = mysql_fetch_array($query)) {
echo "{$array['rights']}<br>";
}
?>
But that code gives me this error:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'DESC limit 1' at line 1
order by right must be order by rights in the first query of the second code block.
That query is going to do nothing to tell you who the last user to upgrade to rights='[PRO1]'. That is just a string field. You would need some sort of datetime/timestamp field that is updated when the users rights change, by which you can make the sort.
You also don't need to do 2 queries. You have two queries doing the exact same thing.
Just do:
SELECT username FROM users WHERE rights='[PRO1]' ORDER BY update_timestamp DESC LIMIT 1
Where update_timestamp would be the field that is updated when the rights change.
The reason is because right is a used keyword, you need a back stroke to solve this :;
Like :
select * from `users` WHERE rights='[PRO1]' order by `rights` DESC limit 1
So what I need to do is find in my tables where id = id and name = name. I have tried this with no success.
$sql="SELECT * FROM $mysqltable WHERE id='$id' && name='$name'"
EDIT I found that I was missing a } bracket below this and the above code does work :/ Thank you everyone.
This is how i would have done it: Also try entering the table name instead of a variable.
$sql = "SELECT * From $mysqltable WHERE id='$id' AND name='$name'";
$result = mysql_query($sql) or die(mysql_error());
i wrote the following query
SELECT COUNT(userID) From statistics WHERE userID = ""
this query displays the number of unathunticated visit to the website.
the query works in phpmyadmin when i use double quotes however it doesnt when i use single quotes like below it just gives me the number of record stored in the table
$queryB = "SELECT COUNT(userID) From statistics WHERE userID = ''";
$resultB =mysql_query($queryA, $con) or die(mysql_error());
$authB = mysql_result($resultB, "COUNT(userID)");
echo "the number of authenticated visits were $authB<br />\n";
i've no idea why it breaks, any ideas?
you store your query in $queryB but you use $queryA
not sure if it will work...its just first think that came to mind:
how about when u use escaped double quotes?
$queryB = "SELECT COUNT(userID) From statistics WHERE userID = \"\""
Try this:
$queryB = "SELECT COUNT(userID) AS total From statistics WHERE userID = ''";
$resultB =mysql_query($queryB, $con) or die(mysql_error());
$authB = mysql_fetch_assoc($resultB);
echo "the number of authenticated visits were ".$authB['total']."<br />\n";
Does userID have a default value? If the default value is NULL, then change your query to
$queryB = "SELECT COUNT(userID) From statistics WHERE userID IS NULL";
you should change a little to your code
$queryB = "SELECT COUNT(userID) From statistics WHERE userID = ''";
$resultB =mysql_query($queryB, $con) or die(mysql_error());
$authB = mysql_result($resultB, 0, 0);
echo "the number of authenticated visits were $authB<br />\n";