displaying user's records from database - php

<?php
include "db.php";
$username=$_POST['username'];
$email=$_POST['email'];
$query="SELECT * FROM members where username = '".mysql_real_escape_string($username)."'";
$result=mysql_query($query)or die(mysql_error());
$user = mysql_fetch_assoc($result);
mysql_close();
?> <br /> <p></p>
Welcome back! Your details below: <br /><br />
<table border="1" cellspacing="2" cellpadding="5">
<tr>
<th>First Name</th>
<th>Last Name</th>
<th>User Name</th>
<th>Email</th>
<th>Age</th>
</tr>
<?php
$firstname= $user['firstname'];
$lastname= $user['lastname'];
$username= $user['username'];
$email= $user['email'];
$age= $user['age'];
?>
<tr>
<td><? echo $firstname ?></td>
<td><? echo $lastname ?></td>
<td><? echo $username ?></td>
<td><? echo $email ?></td>
<td><? echo $age ?></td>
</tr>
</table>
guys, i use this code to display the user's details, BUT STILL its not displaying the records.
what's wrong with this code? hmm... there's no error, but its not working.
:'(


Try adding an echo(mysql_error()) to see if there's a MySQL error beyond just a bad query.


Try adding a loop like this below replacing the single record set with multiple. Also check your query and see if it's correct.
<?php
include "db.php";
$username=$_POST['username'];
$email=$_POST['email'];
$query="SELECT * FROM members where username = '".mysql_real_escape_string($username)."'";
$result=mysql_query($query)or die(mysql_error());
//$user = mysql_fetch_assoc($result);
?>
<br /> <p></p>
Welcome back! Your details below: <br /><br />
<table border="1" cellspacing="2" cellpadding="5">
<tr>
<th>First Name</th>
<th>Last Name</th>
<th>User Name</th>
<th>Email</th>
<th>Age</th>
</tr>
<?php
while($user=mysql_fetch_array($result))
{
echo '<tr>';
echo '<td>'.$user['firstname'].'</td>
<td>'.$user['lastname'].'</td>
<td>'.$user['username'].'</td>
<td>'.$user['email'].'</td>
<td>'.$user['age'].'</td>';
echo '</tr>';
}
mysql_close();
?>
</table>


Put error_reporting(~0) at the very top to make sure you get reports on everything going less than perfect. Do a print_r($_POST) to make very sure you get in $_POST what you think you are getting.
If you then still haven't found the problem, provide more context! (like: script output)
(btw: you should echo htmlspecialchars($user[...]); or people can put very nasty stuff in there.)
And make sure you have "short_open_tag = On" in your php.ini, or use
<?php
instead of
<?
everywhere!

Related

How to fix a table causing "502: Bad Gateway" error in PHP

I am creating a simple database that can do basic CRUD operations (create, read, update, delete) using php. I am able to complete the create, and able to see the results if I directly query the mySQL DB in the back end. But, I am having trouble getting the table to display on the webpage. It is instead displaying a "Bad Gateway" error if I attempt to display the database entries.
I tried removing the reference to the table, specifically
<?php while ($row = mysqli_fetch_array($results)) { ?>
<tr>
<td><?php echo $row['name']; ?></td>...
and the web page on front end works fine. Albeit can only see the data if I query the backend.
<?php include('php_code.php'); ?>
...
...
...
<?php $results = mysqli_query($db, "SELECT * FROM info"); ?>
<table>
<thead>
<tr>
<th>Name</th>
<th>Address</th>
<th>City</th>
<th colspan="2">Action</th>
</tr>
</thead>
<?php while ($row = mysqli_fetch_array($results)) { ?>
<tr>
<td><?php echo $row['name']; ?></td>
<td><?php echo $row['address']; ?></td>
<td><?php echo $row['city']; ?></td>
<td>
<a href="test.php?edit=<?php echo $row['id']; ?>"
class="edit_btn" >Edit</a>
</td>
<td>
<a href="php_code.php?del=<?php echo $row['id']; ?>"
class="del_btn">Delete</a>
</td>
</tr>
<?php } ?>
</table>
<!--in php_code.php-->
//to retrieve records
$select_query = "SELECT * FROM info";
$result = mysqli_query($db, $select_query);
I should be able to see the table with data containing name, address and city. But I am getting a 502 error instead.

Try this
<?php
include('php_code.php');
$results = mysqli_query($db, "SELECT * FROM `info` ");
$return = <<<HTML
<table>
<thead>
<tr>
<th>Name</th>
<th>Address</th>
<th>City</th>
<th colspan="2">Action</th>
</tr>
</thead>
<tbody>
HTML;
while ($row = mysqli_fetch_array($results)) {
$return .= <<<HTML
<tr>
<td>{$row['name']}</td>
<td>{$row['address']}</td>
<td>{$row['city']}</td>
<td><a href="test.php?edit={$row['id']}" class="edit_btn" >Edit</a></td>
<td>Delete</td>
</tr>
HTML;
}
$return .= <<<HTML
</tbody>
</table>
HTML;
echo $return;
?>
your php_code.php should really only have the database config...

you are closing the php statements so you cannot retrieve the result of your query. Don't split php parts and just echo html like this
<?php
echo " <table>
<thead>
<tr>
<th>Name</th>
<th>Address</th>
<th>City</th>
<th colspan='2'>Action</th>
</tr>
</thead> ";
while ($row = mysqli_fetch_array($results)) {
echo "<tr>
<td>$row['name']</td>
<td>$row['address']</td>
<td> $row['city']</td>
<td>
<a href='test.php?edit=$row['id']'
class='edit_btn' >Edit</a>
</td>
<td>
<a href='php_code.php?del=$row['id']'
class='del_btn'>Delete</a>
</td>
</tr>";
}
echo "</table>";
?>

Warning: mysql_fetch_row() expects parameter 1

I'm a new learner in PHP. I don't know what's my error with my code. Please help me fix this. :( Warning: mysql_fetch_row() expects parameter 1 to be resource, object given in C:\xampp\htdocs\project\employees.php on line 35.
connection.php
<?php
//print_r($_POST);
// DB Credentials
$servername = "localhost";
$dbusername = "root";
$dbpassword = "";
$dbname = "project101";
// Create connection
$con = mysqli_connect($servername, $dbusername, $dbpassword, $dbname);
// Check connection
if ( $con->connect_error ) {
die("Connection failed: " . mysqli_connect_error());
}
?>
Employee.php
include ('connection.php');
if(empty($_SESSION)) // if the session not yet started
session_start();
if(!isset($_SESSION['username'])) { //if not yet logged in
header("Location: index.php");// send to login page
exit;
}
?>
<html>
<head>
<title>Employee</title>
</head>
<body>
<center>
<div id="body">
<div id="content">
<table align="center">
<tr>
<th colspan="5">add data here.</th>
</tr>
<th>First Name</th>
<th>Last Name</th>
<th>Email</th>
<th colspan="2">Action</th>
</tr>
<?php
$result2 = $con->query("Select * from `employee`");
while($row=mysql_fetch_row($result2))
{
?>
<tr>
<td><?php echo $row[1]; ?></td>
<td><?php echo $row[2]; ?></td>
<td><?php echo $row[3]; ?></td>
<td align="center"><img src="b_edit.png" align="EDIT" /></td>
<td align="center"><img src="b_drop.png" align="DELETE" /></td>
</tr>
<?php
}
?>
</table>
</div>
</div>
</center>
</body>
</html>

As apparent by your commented additional code, you instanciate a mysqli_ object, but try to use a mysql_ function on it.
those two don't work together. use mysqli_ functions with it instead.

Use the following code
include ('connection.php');
if(empty($_SESSION)) // if the session not yet started
session_start();
if(!isset($_SESSION['username'])) { //if not yet logged in
header("Location: index.php");// send to login page
exit;
}
?>
<html>
<head>
<title>Employee</title>
</head>
<body>
<center>
<div id="body">
<div id="content">
<table align="center">
<tr>
<th colspan="5">add data here.</th>
</tr>
<th>First Name</th>
<th>Last Name</th>
<th>Email</th>
<th colspan="2">Action</th>
</tr>
<?php
$result2 = $con->query("Select * from `employee`");
while($row=mysqli_fetch_row($result2))
{
?>
<tr>
<td><?php echo $row[1]; ?></td>
<td><?php echo $row[2]; ?></td>
<td><?php echo $row[3]; ?></td>
<td align="center"><img src="b_edit.png" align="EDIT" /></td>
<td align="center"><img src="b_drop.png" align="DELETE" /></td>
</tr>
<?php
}
?>
</table>
</div>
</div>
</center>
</body>
</html>

PHP - How can I nest a while loop inside an if isset condition?

I have this table element with the following code:
<?php
if(isset($_POST["submit"])){
if (strlen($cIdMsg = 0) && strlen($cFirstNameMsg = 0) && strlen($cLastNameMsg = 0) && strlen($pCodeMsg = 0)) {
require_once("conn.php");
$sql2 = "SELECT * FROM customer;";
$results = mysqli_query($conn, $sql2)
or die ('Problem with query' . mysqli_error($conn));
echo "no errors found";
}
}
?>
<table>
<tr>
<th>Customer ID</th>
<th>FIrst Name</th>
<th>Last Name </th>
</tr>
<?php
while ($row = mysqli_fetch_array($results)) { ?>
<tr>
<td><?php echo $row["customerID"]?></td>
<td><?php echo $row["firstName"]?></td>
<td><?php echo $row["lastName"]?></td>
</tr>
<?php } ?>
</table>
Above this table I have the php code that makes the sql queries inside an if isset condition so that it only loads after pressing submit on the form. I would like to do the same to the table. That is to only make it load after pressing submit. because on page load it is trying to do the mysqli_fetch_array on a non existent $result yet

Wrap the whole table inside:
<?php if (isset($result)) { ?>
<table>
<tr>
<th>Customer ID</th>
<th>FIrst Name</th>
<th>Last Name </th>
</tr>
<?php
while ($row = mysqli_fetch_array($results)) { ?>
<tr>
<td><?php echo $row["customerID"]?></td>
<td><?php echo $row["firstName"]?></td>
<td><?php echo $row["lastName"]?></td>
</tr>
<?php } ?>
</table>
<?php } ?>
I have used isset($result) based on what you have said. You can check for the POST values by checking for count($_POST), or something similar (not a good idea to check for isset($_POST["submit"])). If you are fetching for AJAX Response, it is always better to use a different separate file for this.

<?php if(mysqli_num_rows($result)!=0) { ?>
<table>
<tr>
<th>Customer ID</th>
<th>FIrst Name</th>
<th>Last Name </th>
</tr>
<?php
while ($row = mysqli_fetch_array($results)) { ?>
<tr>
<td><?php echo $row["customerID"]?></td>
<td><?php echo $row["firstName"]?></td>
<td><?php echo $row["lastName"]?></td>
</tr>
<?php } ?>
</table>
<?php } ?>

How to create pie chart using PHP and MYSQL?

I have a table which shows my data and it works perfectly. I need to add in a pie chart also to show the exact same data that was shown on the table.
<thead>
<tr>
<th>Account Type</th>
<th>Account Number</th>
<th>Account Balance</th>
</tr>
</thead>
<?php
$query = "SELECT * FROM account WHERE user_id='$user_id'";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)) {
$acc_type = $row ['account_type'];
$acc_num = $row ['account_number'];
$acc_bal = $row ['account_balance'];
?>
<tbody>
<tr>
<td><?php echo $acc_type ?></td>
<td><?php echo $acc_num ?></td>
<td>$ <?php echo $acc_bal ?></td>
<?php
}
?>
</tr>
</tbody>
<tr class="alt">
<?php
$query = "SELECT SUM(account_balance) AS account_total FROM account WHERE user_id='$user_id'";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
while ($row = mysqli_fetch_array($result)){
$acc_total = $row ['account_total'];
?>
<td colspan="2" align="right"><b>Total: </b></td>
<td align="right"><b>$ <?php echo $acc_total ?> </b></td>
<?php
}
?>
</tr>

Use a 3rd party.
Here is one. Look at their Example #15 - Basic Pie graphs
http://pchart.sourceforge.net/documentation.php?topic=exemple15

Why don't you try the Google graphs, that is the easiest way.
Check out the link
https://developers.google.com/chart/interactive/docs/gallery/piechart

If anyone is still looking for a solution I really just went to this site
https://developers.google.com/chart/interactive/docs/drawing_charts
and echo the whole code and it works.

displaying specific records of a uses

guys please check my codes in displaying record..
<?php
include("db.php");
$username=$_POST['username'];
$email=$_POST['email'];
$query="SELECT * FROM members where username = '$username'";
$result=mysql_query($query);
$num=mysql_numrows($result);
mysql_close();
?> <br /> <p></p>
Welcome back! Your details below: <br /><br />
<table border="1" cellspacing="2" cellpadding="5">
<tr>
<th>First Name</th>
<th>Last Name</th>
<th>User Name</th>
<th>Email</th>
<th>Age</th>
</tr>
<?
$i = 0;
while ($i < $num) {
$firstname=mysql_result($result, $i, 'firstname');
$lastname=mysql_result($result, $i, 'lastname');
$username=mysql_result($result, $i, 'username');
$email=mysql_result($result, $i, 'email');
$age= mysql_result($result, $i, 'age');
?>
<tr>
<td><? echo $firstname ?></td>
<td><? echo $lastname ?></td>
<td><? echo $username ?></td>
<td><? echo $email ?></td>
<td><? echo $age ?></td>
</tr>
<?
$i++;
}
echo "</table>"; ?>
is it correct?
:-(

There's nothing fatally wrong with your code but there's a few very basic alterations i would make:
<?php
include "db.php";
$username=$_POST['username'];
$email=$_POST['email'];
// added mysql_real_escape_string to prevent sql injection
$query="SELECT * FROM `members` where `username` = '".mysql_real_escape_string($username)."'";
// added an or die clause to check for SQL errors
$result=mysql_query($query)or die(mysql_error());
// use of mysql_fetch_assoc to put user data into associative array
$user = mysql_fetch_assoc($result);
mysql_close();
?> <br /> <p></p>
Welcome back! Your details below: <br /><br />
<table border="1" cellspacing="2" cellpadding="5">
<tr>
<th>First Name</th>
<th>Last Name</th>
<th>User Name</th>
<th>Email</th>
<th>Age</th>
</tr>
<?php
// removed unnecessary loop as i'd assume the username will only be in the database once
$firstname= $user['firstname'];
$lastname= $user['lastname'];
$username= $user['username'];
$email= $user['email'];
$age= $user['age'];
?>
<tr>
<td><? echo $firstname ?></td>
<td><? echo $lastname ?></td>
<td><? echo $username ?></td>
<td><? echo $email ?></td>
<td><? echo $age ?></td>
</tr>
</table>

Your code is not correct.
phpcs test.php
FILE: /tmp/test.php
--------------------------------------------------------------------------------
FOUND 4 ERROR(S) AND 1 WARNING(S) AFFECTING 4 LINE(S)
--------------------------------------------------------------------------------
2 | ERROR | Missing file doc comment
3 | ERROR | "include" is a statement, not a function; no parentheses are
| | required
3 | ERROR | File is being unconditionally included; use "require" instead
25 | ERROR | Short PHP opening tag used. Found "<?" Expected "<?php".
29 | WARNING | Inline control structures are discouraged
--------------------------------------------------------------------------------

$username=$_POST['username']; $email=$_POST['email'];
$query="SELECT * FROM members where username = '$username'";
Search stackoverflow for "sql injections" and maybe also for "prepared statements".
<td><? echo $firstname ?></td>
The same way your sql statement is prone to sql injections this line might be the cause for injections into your html code. Use <td><?php echo htmlspecialchars($firstname); ?></td> instead.
$email=$_POST['email'];
Why is that in there? You don't use $email again until $email=mysql_result($result, $i, 'email');. My guess is your original query tested for both the username and the email address?
$i = 0;
while ($i < $num) {
mysql_result($result, $i,
i++
...
How many members with the same username can there be in your database table? More than one? If not, why do you use the while loop?
$firstname=mysql_result($result, $i, 'firstname');
$lastname=mysql_result($result, $i, 'lastname');
$username=mysql_result($result, $i, 'username');
$email=mysql_result($result, $i, 'email');
$age= mysql_result($result, $i, 'age');
Instead of five calls to mysql_result() one call to mysql_fetch_array() would suffice. Speed is probably not an issue here but again it adds a tiny bit of complexity that seems unnecessary to me and when you use mysql_fetch_xyz() you only have one variable (an array or an object) to worry about instead of #columns variables

Categories