Hey guys, Im doing a series of if statements based on a session variable that is set (which looks at a value in the DB and then decides whether to empty the session, or name it. However I'm having problems in that the session is always named, regardless of whether the record in the database is '0' or not. The query works fine when run in mysql. Here's the code:
session_start();
$_SESSION['MemberType'] = '';
mysql_select_db($database_choices, $choices);
$query = "Select lifemember from registrants where username = '" . $_SESSION[kt_login_user] . "'";
$result = mysql_query($query) or die ("Error in query: $query. ".mysql_error());
while($row = mysql_fetch_array($result))
{
if ($row['lifemember'] == '1')
{
$_SESSION['MemberType'] = 'LifeMember';
}
else if($row['lifemember'] == '0')
{
$_SESSION['MemberType'] = '';
}
}
Precheck: If you are getting any 'Headers already sent...' then you have some output already on the page which is preventing the setting of session.
Otherwise try debugging steps like:
1) Do an echo $row['lifemember'] inside the while loop so that you know REAL value of what's been fetched from DB.
2) In else block, change it to $_SESSION['MemberType'] = 'Hello'; Then see, whether Hello is printed or not?
Related
I created an background working script, that updates my database table on a condition.
Here is my main script:
<?php
require_once('conn.php');
$query = "SELECT * FROM user WHERE id = '" . $_COOKIE['username'] . "'";
$data = mysqli_query($dbc, $query);
$row = mysqli_fetch_array($data);
if($row['ehp'] > $row['required_ehp']) {
// The 'ehp' column is greater than 'required_php'
$calc = $row['ehp'] % $row['required_ehp'];
$new = $row['required_ehp'] * 12;
$new_lvl = $row['level'] + 1;
$query2 = "UPDATE user set level = '$new_lvl', ehp = '$calc', required_ehp = '$new'";
mysqli_query($dbc, $query2);
echo 'query successful';
} else {
echo 'query unsuccessful' . mysql_error();
}
echo $row['ehp'] % $row['required_ehp'];
echo $row['required_ehp'];
?>
The error message I am getting from this script is:
query unsuccessful
Warning: Division by zero in H:\AppServ\www\sp\userlevel.php on line 21
I don't know what's is wrong. Please help me.
Here is the database column's image.
Since you see query unsuccessful, that means that the line if($row['ehp'] > $row['required_ehp']) is false.
In the line echo 'query unsuccessful' . mysql_error(); there is no mysql error, therefore you only see the line query unsuccessful.
Also you get the devision by 0 warning. This is caused by the line echo $row['ehp'] % $row['required_ehp'];. It seems $row['required_ehp'] is 0.
Summing this all up, perhaps the data you expect to be in $row is not what you are expecting. Maybe the cookie data is incorrect?
Also, putting the cookie data straight into the query is a horrible idea, and easily to hack.
Okay I found out my mistake it was just that in id in my database, I was searching for the username column. Sorry to bother you all.
I want to take the value of a single MySQL cell and use it as a string inside PHP code - I already know the cell exists, where it is, and nothing else is needed. What's the easiest way to do this? All the examples I've found focus on using a loop to output multiple rows into a table, which seems needlessly complicated for my purposes.
Basically what I want to do is this:
require_once 'login.php'; // Connects to MySQL
$sql = "SELECT name FROM users WHERE id='1'"; // id is determined elsewhere
$result = mysqli_query($connect, $sql);
echo "Your name is " . $result;
But I get an error message that it's not a valid string.
You forgot to fetch record from $result using mysqli_fetch_assoc().
So you can fix your code this way:
$result = mysqli_query($connect, $sql);
while ($row = mysqli_fetch_assoc($result)) {
echo "Your name is " . $row['name'];
}
I recently converted a code block into a function so I can call it easily more than just once. My problem is that as soon as I related the block to a function it fails the SQL query every time. Here's my code block:
function checkEvent()
{
if(!empty($_GET['e']))
{
$sql = mysqli_query($link, "SELECT * FROM events WHERE EventID = '" . mysqli_real_escape_string($link, $_GET['e']) . "'");
if($sql && mysqli_num_rows($sql)==1)
{
if($row = mysqli_fetch_row($sql))
{
$eventid = $row[0];
$eventname = $row[1];
$desc = $row[2];
$time = $row[3];
echo $_GET['e'];
}
}
else
{
echo $sql;
$failure = "Num Rows Error encountered: " . mysqli_error($link) . " / Num Rows: " . mysqli_num_rows($sqlE);
}
}
}
Now, I've added echos in the relevant places to check and where it currently says echo $sql; if I change that to echo "Fail."; then it will indeed do that. I have tried to get the result as a number of rows and that comes back blank. I don't understand this as my EventID is an AUTO INCREMENT and as such HAD to start at 1. I've triple checked the first entry is 1 as well.
I'm probably not seeing something really obvious, I just can't understand why this code block stopped working the instant I placed a function block around it.
$link doesn't exist inside your function. You either need to pass that as a parameter to the function or skip it entirely and use the "current" DB connection.
"current" in quotes because while it should work just fine while you're utilising a single database connection for the entire process, as soon as you'd start using multiple connections (to connect to multiple databases,) this approach would fail terribly.
if(isset($_SESSION['admin'])) {
echo "<li><b>Admin</b></li>";
}
<?php
session_name('MYSESSION');
session_set_cookie_params(0, '/~cgreenheld/');
session_start();
$conn = blah blah
$query2 = 'Select Type from User WHERE Username = "'.$_SESSION['user'].'" AND Type =\'Admin\'';
$result2 = $conn->query($query2);
if($result2->num_rows==1) {
$_SESSION['admin'] = $result2;
}
?>
Hi, I'm trying to set this session variable but it doesn't seem to be setting, and i'm wondering if anyone can help. If session['admin'] isset it should echo the admin button.
But i'm not quite sure why? (I do have session start and everything on everypage, it's not a problem with that or any of the "You don't have php tags" I have checked the mysql query, and it does return something from my table. Any ideas please?
Your session_start(); should be at the top of the page before anything to do with the session variables.
From the docs:
When session_start() is called or when a session auto starts, PHP will call the open and read session save handlers.
Edit from comments:
<?php
session_name('MYSESSION');
session_set_cookie_params(0, '/~cgreenheld/');
session_start();
// Moved to start after answer was accepted for better readability
// You had the <?php after this if statement? Was that by mistake?
if(isset($_SESSION['admin']))
{
echo "<li><b>Admin</b></li>";
}
// If you have already started the session in a file above, why do it again here?
$conn = blah blah;
$query2 = 'Select Type from User WHERE Username = "'.$_SESSION['user'].'" AND Type =\'Admin\'';
// Could you echo out the above statement for me, just to
// make sure there aren't any problems with your sessions at this point?
$result2 = $conn->query($query2);
if($result2->num_rows==1)
{
$_SESSION['admin'] = $result2;
// It seems you are trying to assign the database connection object to it here.
// perhaps try simply doing this:
$_SESSION['admin'] = true;
}
?>
Edit 2 from further comments:
You have to actually fetch the fetch the data like this - snipped from this tutorial which might help you out some more:
$query = "SELECT name, subject, message FROM contact";
$result = mysql_query($query);
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
echo "Name :{$row['name']} <br>" .
"Subject : {$row['subject']} <br>" .
"Message : {$row['message']} <br><br>";
}
But having said that, while we are talking about it, you would be better off moving away from the old mysql_* functions and move to PDO which is much better.
Move session_start(); to the top of the page. You are trying to retrieve sessions, where it's not loaded.
EDIT: Try echoing $_SESSION['admin'], if it even contains something. Also try debugging your if($result2->num_rows==1) code by adding echo('its working'); or die('its working'); inside it, to check if $result2 contains exactly 1 row, since currently it seems $result2 contains either more than 1 row or no rows at all.
I created this account registration activation script of my own, I have checked it over again and again to find errors, I don't see a particular error...
The domain would be like this:
http://domain.com/include/register.php?key=true&p=AfRWDCOWF0BO6KSb6UmNMf7d333gaBOB
Which comes from an email, when a user clicks it, they get redirected to this script:
if($_GET['key'] == true)
{
$key = $_GET['p'];
$sql = "SELECT * FROM users
WHERE user_key = '" . $key . "'";
$result = mysql_query($sql) or die(mysql_error());
if(mysql_affected_rows($result) > 0)
{
$sql = "UPDATE users
SET user_key = '', user_active = '1'
WHERE user_key = '" . $key . "'";
$result = mysql_query(sql) or die(mysql_error());
if($result)
{
$_SESSION['PROCESS'] = $lang['Account_activated'];
header("Location: ../index.php");
}
else
{
$_SESSION['ERROR'] = $lang['Key_error'];
header("Location: ../index.php");
}
}
else
{
$_SESSION['ERROR'] = $lang['Invalid_key'];
header("Location: ../index.php");
}
}
It doesn't even work at all, I looked in the database with the user with that key, it matches but it keeps coming up as an error which is extremely annoying me. The database is right, the table and column is right, nothing wrong with the database, it's the script that isn't working.
Help me out, guys.
Thanks :)
Change $_GET['key'] == true to $_GET['key'] == "true"
You do before this if, a successful mysql_connect(...) or mysql_pconnect(...) ?
Change mysql_affected_rows($result); to mysql_num_rows($result);. Affected you can use for DELETE or UPDATE SQL statements.
Before you second if was opened, add before you second mysql_result(...), mysql_free_result($result); to free memory allocated to previous result.
if($result) change to if(mysql_affected_rows($result));. You can do that here.
After the header(...); function call's add a return 0; or exit(0); depends on your complete code logic.
You are using $key variable in SQL statements, to get your code more secure on SQL Injection attacks get change $key = $_GET['p']; to $key = mysql_real_escape_string($_GET['p']);
I think your location in header() functions fails. In header() url address should be full like: http://www.example.com/somewhere/index.php
And check your $_GET['p'] variable exists!! If this not exist and if $_GET['key'] exists, you find all activated users. Then i think the setting user_key to '' is nessesary if you have user_activated marker.
you shouldnt be using:
if(mysql_affected_rows($result) > 0)
You should be using mysql_num_rows()
Your problem is:
$result = mysql_query($sql) or die(mysql_error());
"or" makes your statement boolean so $result gets a True instead of value returned by mysql_query()
echo 'Hello' or die('bye'); // outputs nothing, because result is True not 'Hello'
3 or die() == True; // true
3 or die() != 3; // true
OR is the same as || and it is operator of logical statement.
This will work:
$result = mysql_query($sql);
if(!$result) die(mysql_error());
The same mistake was made a few hours ago: link
Cases where OR can be used:
defined('FOO') or
define('FOO', 'BAR');
mysql_connect(...) or die(...);
mysql_select_db( .... ) or die(...);
mysql_query('UPDATE ...') or die(...);
if(FOO or BAR) { ... }