I am writing a script to access a specific detail about the user and I was hoping to make the database query be function.
function connectUser($ip) {
$q = "SELECT * FROM users where ID='$ID'";
$s = mysql_query($q);
$r = mysql_fetch_array($s);
}
But when I try and use it it will not access the row the way I want it to.
$user = '999';
connectUser($user)
echo $r['name'];
But if I put echo $r['name']; in the function it will work.
your function is not returning anything. add return $r['name'] at the end of function.
then echo connectUser($user);
thare are 2 major problems in your code
the function doesn't return anything and you don't assign it's result to a variable.
Your variables doesn't match. $ip doesn't seem the same variable with $ID
so, this one would work
function connectUser($id) {
$q = "SELECT * FROM users where ID=".intval($id);
$s = mysql_query($q);
return mysql_fetch_array($s);
}
$user = '999';
$r = connectUser($user)
echo $r['name'];
That's because the variable $r isn't being returned by the function, so it's never being set outside of the function. Here's what you should have:
function connectUser($ip) {
$q = "SELECT * FROM users where ID='$ip'";
$s = mysql_query($q);
return mysql_fetch_array($s);
}
And then outside have:
$user = '999';
$r = connectUser($user)
echo $r['name'];
You might also want to take a look at this question: prepared statements - are they necessary
This function is not working,
as you did not supplied the database connection into function,
and you did not return anything (PHP will return NULL)
Please understand what is variable scope first,
and the function
A workable example, can be like :-
function connectUser($db, $ip)
{
$q = "SELECT * FROM users where ID='$ID'"; // vulnerable for sql injection
$s = mysql_query($q, $db); // should have error checking
return mysql_fetch_array($s); // value to be returned
}
How to use :-
$db = mysql_connect(...);
$res = connectUser($db, "some value");
Related
In my code I use $user_id = $_SESSION["USER_ID"]; to get the users id that is valid. If I use echo function in PHP it displays the correct id but when I try to use it in query it says it is undefined.
I am using XAMPP with:
PHP 7.1.27 , 7.2.16 , 7.3.3
Apache 2.4.38
MariaDB 10.1.38
Perl 5.16.3
OpenSSL 1.0.2r (UNIX only)
phpMyAdmin 4.8.5
$user_id = $_SESSION["USER_ID"];
// Funkcija prebere oglase iz baze in vrne polje objektov
function get_oglasi(){
global $conn;
$query = "SELECT * FROM ads WHERE user_id= echo '$user_id'; ";
$res = $conn->query($query);
$oglasi = array();
while($oglas = $res->fetch_object()){
array_push($oglasi, $oglas);
}
return $oglasi;
}
I expect the output of $user_id = 17 and I get error that it is undefined. But if I try <p>Opis: <?php echo $user_id;?></p> I get correct number.
In php you are not able read variable without Global declaring or send to function parameter.
Please set this session user_id like below code
$user_id = $_SESSION["USER_ID"];
function get_oglasi(){
$user_id=$GLOBALS['user_id'];
global $conn;
$query = "SELECT * FROM ads WHERE user_id='$user_id'; ";
$res = $conn->query($query);
$oglasi = array();
while($oglas = $res->fetch_object()){
array_push($oglasi, $oglas);
}
return $oglasi;
}
Hopefully that will help you.
You need to make $user_id as global global $user_id; because You are using in function and it is define outside function.
Or pass a parameter to a function then you will get the id inside the function
function get_oglasi($id)
My php script is woking outside function but not inside function.
$uid = $_SESSION['user_id'];
function getUserName($conn) {
$sql = "SELECT * FROM `tbl_user` WHERE `user_id` ='".$uid."' ";
$row = $conn->query($sql)->fetch_array();
return $row["user_name"];
}
Unable to get it where I am wrong.
DO NOT use global variable. It's evil.
Pass the user ID as parameter to the function:
function getUserName($conn, $uid) {
$sql = "SELECT * FROM `tbl_user` WHERE `user_id` ='".$uid."' ";
$row = $conn->query($sql)->fetch_array();
return $row["user_name"];
}
echo getUserName($conn, $_SESSION['user_id']);
try this
function getUserName($uid, $conn) {
// code here
}
Best thing you can do is avoid globals and just pass the uid as a parameter:
$uid = $_SESSION['user_id'];
$username = getUserName($conn, $uid);
function getUserName($uid, $conn) {
$sql = "SELECT * FROM `tbl_user` WHERE `user_id` ='".$uid."' ";
$row = $conn->query($sql)->fetch_array();
return $row["user_name"];
}
Read http://php.net/manual/en/language.variables.scope.php to learn about variable scope in PHP
Also read this post about SQL injection
you need to call the function to work code inside funtion
I am working on a PHP script that should get data from MySQL.
Here is what am I doing:
<?php
include('db.php');
session_start();
$doctor_actual=$_SESSION['doctor_actual'];
echo $doctor_actual;
if(isset($_REQUEST['actionfunction']) && $_REQUEST['actionfunction']!=''){
$actionfunction = $_REQUEST['actionfunction'];
call_user_func($actionfunction,$_REQUEST,$con,$limit,$adjacent);
}
function showData($data,$con,$limit,$adjacent){
$page = $data['page'];
if($page==1){
$start = 0;
}
else{
$start = ($page-1)*$limit;
}
$sql = "select * from tb_opiniones_doctor where codigo_verificacion = '".$doctor_actual."' order by id_opinion_doctor asc";
$rows = $con->query($sql);
$rows = $rows->num_rows;
$sql = "select * from tb_opiniones_doctor where codigo_verificacion = '".$doctor_actual."' order by id_opinion_doctor asc limit $start,$limit";
$data = $con->query($sql);
$str='<table><tr class="head"><td>Id</td><td>Firstname</td><td>Lastname</td></tr>';
if($data->num_rows>0){
while( $row = $data->fetch_array(MYSQLI_ASSOC)){
$str.="<tr><td>".$row['id_opinion_doctor']."</td><td>".$row['id_opinion_doctor']."</td><td>".$row['id_opinion_doctor']."</td></tr>";
}
}else{
$str .= "<td colspan='5'>No Data Available</td>";
}
$str.='</table>';
echo $str;
pagination($limit,$adjacent,$rows,$page);
}
My problems are at the two queries, they only work if I put the real value for $doctor_actual, not as variable.
I have echoed the value for $doctor_actual, it is 9dv2ACvtwn2.
If I put in the queries ..where codigo_verificacion = "9dv2ACvtwn2"... the queries work fine.
If I put:
codigo_verificacion = '".$doctor_actual."'
or
codigo_verificacion = '.$doctor_actual.'
or
codigo_verificacion = $doctor_actual
it shows the message:
No Data Available
You should read about Variable scope. $doctor_actual outside function and $doctor_actual inside function are two different variables. As you can read above something like that
<?php
$var = 'text';
function myFunc()
{
global $var;
echo $var; // 'text'
}
will solve your problem.
But as noticed #Sean in comments below it's better idea to pass value as a parameter. Just add additional parameter to your function and pass value during function call.
I have a selet function where I pass two variables. The table and where.
However, whatever I put for where it always displays id = 1.
Could this be because it is recognising that id has a value and setting it to 1 or am I completely off the mark here?
The function is below:
public function select($table, $where){
$sql = "SELECT * FROM $table WHERE $where";
$result = mysql_query($sql);
if(mysql_num_rows($result) == 1){
return $this->processRowSet($result, true);
}
return $this->processRowSet($result);
}
The call to the function is:
$rowSet = $db->select('users','username = wayne');
Or is it the way I am setting username in the parameter?
username is a String then it is necessary to write
$rowSet = $db->select('users','username = "wayne"');
I have the following function:
function getUser($user_id){
$mysqli = dbConnect();
$gu = "select * from users where user_id = '$user_id'";
$ru = $mysqli->query($gu);
$user = $ru->fetch_array();
return $user;
}
Which is called eg:
$user_id = $_SESSION[user_id];
getUser($user_id);
Then I want to simply echo fields i want, e.g. name. But, when I try the following, it returns empty
echo "users name is $user['name']"; // returns: users name is
Is there a better way to do this?
UPDATE Also tried the following but still empty:
function getUser($user_id){
$mysqli = dbConnect();
$gu = "select * from users where user_id = '$user_id'";
$ru = $mysqli->query($gu);
$user = array();
while($row = $ru->fetch_array()) {
$user[] = $row;
}
return $user;
}
your line:
getUser($user_id);
should be:
$user=getUser($user_id);
This way you'll be setting $user to the array the getUser returns, then you can use it.
Remove the single quotes when printing an array, you echo may needed to be like:
echo "users name is $user[name]";