Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
So I have this code:
<?php
if (!isset($_GET['email']) && !isset($_GET['key'])) {
echo 'NOT ALLOWED TO ACCESS PAGE';
}
if (isset($_GET['email']) && isset($_GET['key'])) {
$email = $_GET['email'];
$regKey = $_GET['key'];
$query = mysql_query("SELECT * FROM `users` WHERE `email`='$email' AND `regRandom`='$regKey'");
if ($query == $regKey) {
mysql_query("UPDATE `users` SET `activated`=1 WHERE `email`='$email'");
if (mysql_query("SELECT activated FROM users WHERE activated='1'")) {
echo file_get_contents("http://TheMegaHouse.com/pageContent/head.php");
echo file_get_contents("http://TheMegaHouse.com/pageContent/notLoggedIn/topNavBar.php");
echo file_get_contents("http://TheMegaHouse.com/pageContent/header.php");
echo 'PASSED';
footer();
} else {
activationFail();
}
} else if ($regKey !== $query) {
echo 'FAIL';
}
}
?>
The thing is that in my database, the value that is in the regRandom column is in fact equal to the value in the key variable in the url but for some reason it is echoing out "FAIL" instead of "PASSED".
Any suggestions on what I am doing wrong, a better way of doing what I want to do or any suggestions?
Always read manual first:
http://php.net/manual/en/function.mysql-query.php
This line of code:
mysql_query("SELECT * FROM `users` WHERE `email`='$email' AND `regRandom`='$regKey'");
Is returning you resource, instead of variable you are lookng for.
Small fix for you:
list($regRandom) = mysql_fetch_row(mysql_query("SELECT regRandom FROM `users` WHERE `email`='$email' AND `regRandom`='$regKey'"));
if ($regRandom == $regKey) {
// magic
And another two things:
mysql_* functions are deprecated
i strongly recommend you to read about SQL Injections.
You should not be using the deprecated mysql_* functions but switch to PDO or mysqli and prepared statements.
However, the problem you are having is that you are comparing a resource to a sent-in variable.
My guess is that $regKey is an integer and $query is the result of a mysql query. You need to fetch a row from the result-set and compare a specific value from that row to your $regKey.
Correct me if Im wrong, but $query results is a resource? You haven't done anything with it.
I would suggest just doing a simple mysql_num_rows() check like this:
$query = mysql_query("SELECT * FROM `users` WHERE `email`='$email' AND `regRandom`='$regKey'");
if (mysql_num_rows($query) == 1) {
Its pointless to check again because you are already checking in the SQL query :) So simply check the number of rows returned. 0 = not found, 1+ = results :)
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 3 years ago.
Improve this question
My code echo's Hey or Hello twice once the requirements are met.
This is supposed to check whether or not a person has something uploaded, depending on if they do or don't either message displays.
$sql = "SELECT * FROM users";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
while ($row = mysqli_fetch_assoc($result)) {
$sqlImg = "SELECT * FROM users WHERE idUsers='$current'";
$resultImg = mysqli_query($conn, $sqlImg);
while ($rowImg = mysqli_fetch_assoc($resultImg)) {
if ($rowImg['profile_img'] == 0) {
echo "hey";
} else {
echo "Hello";
}
}
}
}
I expect the output to echo either word once, but the actual output is echoing it twice.
You don't need two loops. The outer loop is running for every user in the table, regardless of whether they match $current. For each of them you're doing another query that just gets the $current user, and echoing their status.
If idUsers is a unique key, you don't even need any loops. Just do one query and fetch the row.
You should also use a prepared statement to prevent SQL injection.
$stmt = $conn->prepare("SELECT profile_img FROM users WHERE idUsers = ?");
$stmt->bind_param("s", $current);
$stmt->execute();
$result = $stmt->get_result();
$rowImg = $result->fetch_assoc();
if ($rowImg['profile_img'] == 0) {
echo "hey";
} else {
echo "Hello";
}
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 4 years ago.
Improve this question
I am trying to select a value from the database. The select query is returning a 1 or 0. I want to echo 'yes' if the returned value is 1 and echo 'no' if the returned value is 0.
When I run the script I always get 'Yes'.
Does someone know what is wrong with my script?
Here is my PHP script:
$sql = "SELECT row FROM table WHERE id='". $_GET['id'] ."'";
$result = $conn->query($sql);
if ($result == 1){
echo 'yes';
}
else
{
echo 'No';
}
$conn->close();
For the answer it is important to know which Database API you use.
For most APIs
$result
will be a kind of result object which represents your result. Normally a collections of rows. You can call some kind of fetch function to get a row from a result, and then you would check whether this row contains 1 or 0.
You should read the documentation of your API for more details.
PHP gives always Yes, because the == Operator tries to do type conversion, and I suppose it converts both values to true.
http://php.net/manual/de/language.types.type-juggling.php
If you just want to know if the id exists, you can use a COUNT(*) expression. That way the query will be guaranteed to return exactly one row, whether the count is 0 or 1.
You should get into the habit of using parameters instead of creating SQL injection vulnerabilities by concatenating $_GET variables into your query.
And check for errors after every database function that may return an error.
$sql = "SELECT COUNT(*) FROM table WHERE id=?";
if (($stmt = $conn->prepare($sql) === false) {
error_log($conn->error);
die("Database error");
}
// assuming mysqli, but if you use PDO, binding is done differently
if ($stmt->bind_param('i', $_GET['id']) === false) {
error_log($stmt->error);
die("Database error");
}
if ($stmt->execute() === false) {
error_log($stmt->error);
die("Database error");
}
if (($result = $stmt->get_result()) === false) {
error_log($stmt->error);
die("Database error");
}
$row = $result->fetch_row();
$count = $row[0];
if ($count >= 1){
echo 'yes';
}
else
{
echo 'No';
}
$stmt->close();
$conn->close();
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 years ago.
Improve this question
I'm trying hard to learn how to create functions, and I don't know what I'm doing wrong here. Could someone explain it to me please?
I'm not using strip_tags(), why it's getting me this error?
I don't need it to return, I just to need to update database if
$xp is bigger than $row['basenumber']
Thank you!
$xp = $row['userxp'];
$lvl = $row['userlevel'];
contXP($xp, $lvl);
function:
function contXP ($xp, $lvl) {
$query = "SELECT
number, basenumber
FROM levels
WHERE number = '$lvl'";
$result = $conn ->query($query);
if (!$result) die ($conn->error);
$rows = $result->num_rows;
while ($row = $result->fetch_array (MYSQLI_ASSOC));
if ($xp >= $row['basenumber'])
{
// up level
$level = "UPDATE users
SET userlevel = userlevel + 1
WHERE idusers = '$iduser';";
$re_level = $conn ->query($level);
if (!$re_level) die ($conn->error);
$re_rows = $re_level->num_rows;
$re_row = $re_level->fetch_array (MYSQLI_ASSOC);
$re_level->close(); //close query
}
$result->close(); //close query
}
result:
Warning: strip_tags() expects parameter 1 to be string, array given in on line 32
strilp_tags() is definitely somewhere in your code to throw the error. Try posting all the codes involved so we can find out where your problem is coming from.
This question already has answers here:
How can I prevent SQL injection in PHP?
(27 answers)
Closed 8 years ago.
Every question which I asked on stackoverflow I received a question that It was easy to do a php injection into my script.
I've now a example and checked some tutorials on youtube.
Am I doing this right now?
This is an example how I'm working now
if($user->isLoggedIn()) {
$pakuser = $user->data()->username;
$sql = $db->query("SELECT * FROM users
INNER JOIN post ON users.username = post.add
WHERE post.id = $id AND post.add = '$pakuser'")
or die(mysql_error());
if ($sql === FALSE) {
}
if($row = $sql->fetch_object())
if($row->add)
{
?>
<p>edit this post<br><br>BEWARE OF DELETING YOUR CONTENT THERE IS NO GO-BACK<BR>Delete this post </p>
<?php
}
}
Everytime the user can manipulate your sql-query without any restriction, there is a security-issue. Here is an example:
$query_string = "SELECT * FROM user WHERE (name='$username' AND password='$password')";
if the user sends a password like:
"something') OR ('1' = '1"
the query will change to:
$query_string = "SELECT * FROM user WHERE (name='Name' AND password='something') OR ('1' = '1')";
Because '1'='1' is always true, this will return each user in your database.
Instead you can change the example above to:
$query = mysqli->prepare('SELECT * FROM user WHERE (name=? AND password=?)');
$query->bind_param('ss', $username, $password);
$query->execute();
This will filter all strings that could break your sql-query.
It seems like you are still just passing variables straight through into the query. Yes, this may work, but is not necessary secure.
You could have a look at using PDO instead, which has means of being able to verify the data type that you are wanting to pass through into your query rather than just passing a variable into the query string.
In terms of using mysqli, have a look at mysqli_real_escape_string if you have not already. It is well documented.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
Function
public function isUsernameAvailable($username) {
$sql = "SELECT COUNT(*) FROM users WHERE username = '$username'";
$sql = $this->db->quote($sql);
if ($sth = $this->db->query($sql)) {
if ($sth->fetchColumn() > 0) {
return false;
} else {
return true;
}
}
}
if (!$user->isUsernameAvailable($_POST['username'])) {
echo 'The username is already taken!';
$error = 1;
}
I get the output "The username is already taken!" even though It isn't.
select count(*)... will ALWAYS return a record, even nothing is matched
so, you can try this :
select 1 from ...;
between, a proper method to check any record return should be using rowCount
as indicate by the rest :-
you should make use of bind rather than using quote
function should always return a value
Your isUsernameAvailable function will return NULL (equals to FALSE) when the query fails. This will trigger the The username is already taken! message.
Looks like your SQL query always fails, which I think is no wonder because you blindly apply quotes onto it.
After running a SQL query, you must more properly deal with the case that the query failed, e.g. display that an internal SQL error occured and log it, so you can look into the log and locate the cause of the error.
Additionally, you should use the PDO more properly, specifically when you want to prevent SQL injection (which you must care about). See Best way to stop SQL Injection in PHP.
Use rowCount() instead of fetchColumn()
if ($sth->rowCount() > 0) {
fetchColumn returns false if there is no column and also see ajreal answer.
if ($sth = $this->db->query($sql)) {
if ($sth->fetchColumn() == false) {
return true;
} else {
return false;
}
}
Can you try using the following code?
$st->rowCount() > 0
$sql = "SELECT COUNT(*) FROM users WHERE username = '$username'";
$sql = $this->db->quote($sql);
You are quoting the whole query, this does not make any sense and is outright dangerous from a security standpoint – and probably results in an invalid query anyway.
Here's a more proper code:
// return TRUE if user is available
public function isUsernameAvailable($username) {
$sql = "SELECT id FROM users WHERE username = :username";
$stmt = $this->db->prepare($sql);
$stmt->execute(array(':username' => $username));
return $stmt->fetch() === FALSE;
}
if (!$user->isUsernameAvailable($_POST['username'])) {
echo 'The username is already taken!';
$error = 1;
}