SitePoint Sponsor

User Tag List

Page 1 of 2 12 LastLast
Results 1 to 25 of 35
  1. #1
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    if and while statements includes all

    I am testing my welcome page and when I complete the form it welcomes everyone of my tested names in the database. How can I narrow it down to only welcome the one name that filled out the form. Here is my coding.

    PHP Code:
    <?php
    session_start
    ();
        
    ini_set ("display_errors""1");
    error_reporting(E_ALL);
    ?>        
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Welcome</title>
    <style type="text/css">
    .background {color: #B56AFF;
    }
    </style>
    </head>

    <body>
    <p>

    <?php
    /* Program: login.php
     * Desc:    Displays the new member welcome page. Greets
     *            member by name and gives a choice to enter
     *            restricted section or go back to main page.
     */ 
    if (isset($_SESSION['id'])) {                
    // Set the users session ID
      
    include("Connections/connect_to_mysql.php");

    //Formulate Query
    //This is the best way to perform an SQL query
    $query "SELECT id, firstname FROM `Members` WHERE id={$_SESSION['id']}";
    $result mysql_query($query);
    $numrows mysql_num_rows($result);

    //Check result
    //This shows the actual query sent to MySQL and the error. Useful for debugging.

    if(!$result){
          
    $message 'Invalid query:' mysql_error() . "\n";
          
    $message .= 'Whole query:' $query;
            die(
    $message);}
    //Use result
    //Attempting to print $result won't allow access to information in the resource
    //One of the mysql result functions must be used
    //See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.
    if($numrows!=0){

    while(
    $row=mysql_fetch_assoc($result)){
          echo 
    "Welcome, {$row['firstname']}";
          }
          
    //Free the resources associated with the result set
          
    mysql_free_result($result);
    }
    }
    ?>
    </p>
    <p>&nbsp; </p>
    <p>Your new Member accounts lets you enter the members only section
      of our web site. You'll find special discounts, a profile of matches,
    live advise from experts, and much more.</p>
    <p>Your new Member ID and password were emailed to you. Store them
    carefully for future use.</p>
    <div style="text-align: center">
    <p style="margin-top: .5in; font-weight: bold">
    Glad you could join us!</p>
    <form action="profile.php" method="post">
        <input type="submit"
            value="Enter the Members Only Section">
            </form>
    <form action="index.php" method="post">
        <input type="submit" value="Go to Main Page">
        </form>        
            </div>
    </body>
    </html>

  2. #2
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    PHP Code:
    $query "SELECT id, firstname FROM `Members` WHERE id={$_SESSION['id']}"
    SB
    PHP Code:
    $query "SELECT id, firstname FROM `Members` WHERE id="$_SESSION['id']; 
    The above is true given that your id is indeed a number, a positive integer.

    If it is a string you will have to do this:
    PHP Code:
    $query "SELECT id, firstname FROM `Members` WHERE id='" $_SESSION['id'] . "'"
    Take great care with the quotes.

    The reason it did not work for you before is that PHP does not expand arrays inside quotes, neither single nor double. Its an easy mistake to make and we've all done it (or continue to do it).

    Also, you have a lot of unnecessary code there, something like this would do fine, and be easier to read and follow.

    Its untested but you should get the drift:
    PHP Code:
    $query "SELECT id, firstname FROM `Members` WHERE id=" $_SESSION['id'] ; 
    $result mysql_query($query); 

    if(
    $result){ // or do it the way you have if you prefer "(!$result)"
          
    $row=mysql_fetch_assoc($result); 
          echo 
    "Welcome, {$row['firstname']}"
    }else{
         
    $message  'Invalid query:' mysql_error() . "\n"
         
    $message .= 'Whole query:' $query
          die(
    $message);} 

    Just to say that you are giving out far too much information in case your system goes wrong - so change it before you go live with this. (error reporting, displaying sql errors and so on).

    Good luck with it.

  3. #3
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Smile

    Thanks I must be getting closer as this is my new codes I copied from you.

    PHP Code:
    $query "SELECT id, firstname FROM `Members` WHERE id='" $_SESSION['id'] . "'";
    $result mysql_query($query);
     if(
    $result){
          
    // or do it the way you have if you prefer "(!$result)"
                
    $row=mysql_fetch_assoc($result);
                       echo 
    "Welcome, {$row['firstname']}";
                        }else{
                                 
    $message  'Invalid query:' mysql_error() . "\n";
                                       
    $message .= 'Whole query:' $query;
                                              die(
    $message);
                                              }
                                               }  
          
    //Free the resources associated with the result set
          
    mysql_free_result($result); 
    And this is my results when I tried it so it is showing one welcome able to use the private pages but just does not produce who is actually logged in.

    last update on live test.

    Welcome,



    Your new Member accounts lets you enter the members only section of our web site. You'll find special discounts, a profile of matches, live advise from experts, and much more.

    Your new Member ID and password were emailed to you. Store them carefully for future use.

    I am feeling lucky.

  4. #4
    SitePoint Zealot
    Join Date
    Jan 2011
    Location
    Portland
    Posts
    148
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    try this

    PHP Code:
     echo 'Welcome, ' $row['firstname']; 
    but you should check if the key exists....

  5. #5
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I put the $firstname='';

    included your coding.

    It echos out the Welcome,

    I seems to be adding to the db and making the pages available but it is still not singling out the one inputting into the form.

  6. #6
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    I'm sorry, I did say it was untested, so instead of this;
    PHP Code:
    $query "SELECT id, firstname FROM `Members` WHERE id='" $_SESSION['id'] . "'"
    $result mysql_query($query); 
     if(
    $result){ 
          
    // or do it the way you have if you prefer "(!$result)" 
                
    $row=mysql_fetch_assoc($result); 
    try this: (extra comments to explain my points)
    PHP Code:

    $query 
    "SELECT id, firstname FROM `Members` WHERE id='" $_SESSION['id'] . "'"

    // comment this line out later, then remove it before going live
    echo $query;
    // take a good look at the query, does it look valid?
    // copy the echoed output, paste it into whatever
    // you manage mysql with, does it return data?

    $result mysql_query($query); 

    // again, a line of debug
    var_dump$result );

     if(
    $result){ 
          
    // or do it the way you have if you prefer "(!$result)" 
                
    $row=mysql_fetch_assoc($result);

    // again, a line of debug
    var_dump$row ); 
    And yes, as jgetner pointed out, you were trying to access an array inside quotes.

    Hopefully these simple methods will help you to debug your own code and chase down exactly where you are going wrong. Get used to doing this.
    Last edited by Cups; May 14, 2011 at 11:07. Reason: added last line

  7. #7
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It returned this errors.

    SELECT id, firstname FROM `Members` WHERE id='id'resource(4) of type (mysql result) bool(false) Welcome,



    Your new Member accounts lets you enter the members only section of our web site. You'll find special

  8. #8
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    SELECT id, firstname FROM `Members` WHERE id='id'
    I advised you to copy the result of that statement and paste it into Mysql, did you do that? What did you get?

    So, do you really have an id in your database table which contains the value 'id', or let me guess - is it integers like 2?



    Tell me what the PHP line containing $query is at the moment.

    I advised you to have this:
    PHP Code:
    $query "SELECT id, firstname FROM `Members` WHERE id="$_SESSION['id']; 
    IF you have then just what is in the session?

    PHP Code:
    var_dump$_SESSION ); 

  9. #9
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    When I tested the login for a return live below message appears I then pasted it into MySQL which starts with #1064. Is that what you meant.

    SELECT id, firstname FROM `Members` WHERE id='id'resource(4) of type (mysql result) bool(false)

    #1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'resource(4) of type (mysql result) bool(false) LIMIT 0, 30' at line 1
    SELECT id, firstname
    FROM `Members`
    WHERE id = 'id'resource( 4 ) of
    TYPE (
    mysql result
    )bool( false )
    LIMIT 0 , 30

  10. #10
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I also pasted into MySQL the follow script you mentioned. This is the results.

    #1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '$query = "SELECT id, firstname FROM `Members` WHERE id=". $_SESSION['id']' at line 1
    PHP Code:
    $query "SELECT id, firstname FROM `Members` WHERE id=".$_SESSION'id']; 

  11. #11
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    No, paste the debug text that is echoed onto your page from that statement.

    If you are having a problem identifying the text change your debug echo statement from
    PHP Code:
    echo $query
    to
    PHP Code:
    echo "<hr>PASTE THIS BELOW INTO MYSQL:<br />$query<hr>"

  12. #12
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Okay this is the results from that info I pasted into MySQL

    MySQL returned an empty result set (i.e. zero rows). ( Query took 0.0003 sec )

    SELECT id, firstname
    FROM `Members`
    WHERE id = 'id'
    LIMIT 0 , 30

  13. #13
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    for some reason it is losing connection with the db. I have the same connection that I use with the form which is inputting the data. But the codes are losing connection.

  14. #14
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    So where is the 'id' in " where id = 'id' " coming from then? Is that what you were expecting to see?

    I will leave you to work that out, I've already told you in post #8 how to check what is in the session.

    I'm off to watch the match. If anyone else wants to join in please wade in....

    Good luck with this, don't worry you will soon work it out, we have all had to do it.

  15. #15
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I tested the select query in the SQL and it produced all users. Is there a way to fix the while statement to only select the one user logging on.

  16. #16
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    Post the code you have.

  17. #17
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This was the only select that would produce a true statement but it included all names in the db

    PHP Code:
    SELECT id,firstname FROM Members WHERE id='$id' 

  18. #18
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    Post all the code you have for that page.

  19. #19
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    this is all the codes

    PHP Code:
    <?php
    session_start
    ();
        
    ini_set ("display_errors""1");
    error_reporting(E_ALL);
    ?>        
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Welcome</title>
    <style type="text/css">
    .background {color: #B56AFF;
    }
    </style>
    </head>

    <body>
    <p>

    <?php
    /* Program: login.php
     * Desc:    Displays the new member welcome page. Greets
     *            member by name and gives a choice to enter
     *            restricted section or go back to main page.
     */ 
    if (isset($_SESSION['id'])) {
            
    // Set the users session ID        
            
    include_once ("Connections/connect_to_mysql.php");
        
    $id=$_SESSION['id'];
            
    //Formulate Query
            //This is the best way to perform an SQL query    
            
    $query "SELECT * FROM `Members` WHERE id='$id'";
            
    $result mysql_query($query);
            
    $numrows mysql_num_rows($result);
            
    //Check result
            //This shows the actual query sent to MySQL and the error. Useful for debugging.
                
    if(!$result){
                        
    $message 'Invalid query:' mysql_error() . "\n";
                        
    $message .= 'Whole query:' $query;
                                die(
    $message);
                            }
                                
    /// Since the script die()'s if the query fails, you don't need an else statement.
                                /// We can assume from here on out that the query passed and the SESSION id was set.
                        
    $row mysql_fetch_assoc($result);
                            
    mysql_free_result($result);
                                    echo 
    "<p>Welcome, " $row['firstname'] . "</p>";}?>
    </p>
    <p>&nbsp; </p>
    <p>Your new Member accounts lets you enter the members only section
      of our web site. You'll find special discounts, a profile of matches,
    live advise from experts, and much more.</p>
    <p>Your new Member ID and password were emailed to you. Store them
    carefully for future use.</p>
    <div style="text-align: center">
    <p style="margin-top: .5in; font-weight: bold">
    Glad you could join us!</p>
    <form action="profile.php" method="post">
        <input type="submit"
            value="Enter the Members Only Section">
            </form>
    <form action="index.php" method="post">
        <input type="submit" value="Go to Main Page">
        </form>        
            </div>
    </body>
    </html>

  20. #20
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    select * from members where id=1;

    Paste that previous line into your database directly, what does it return?

  21. #21
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Showing rows 0 - 0 (1 total, Query took 0.0003 sec)


    id username firstname lastname password email country
    1 people Micheal Smith 43c4025f0d4cde7ab786d54d8d8829f8 people@michael.com England

  22. #22
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I tried this in the codes and got the name before the one I just posted. I cant breathe.

    So any idea how I can make the code automatically change??

    PHP Code:
    SELECT FROM `MembersWHERE id='3' 
    results

    Welcome, Francis




    Your new Member accounts lets you enter the members only section of our web site. You'll find special

  23. #23
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    we are getting there.

    So now we have proved that you have something in your database matching the requirement (ie id=1 ).

    Now you have to prove what it is that you have in your $_SESSION

    so temporarily add this line somewhere after you have checked to see that $_SESSION['id'] is set:
    PHP Code:
    var_dump$_SESSION ); 

  24. #24
    SitePoint Enthusiast
    Join Date
    Apr 2011
    Posts
    73
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    this was with the id='id'
    PHP Code:
    array(2) { ["$id"]=> string(2"id" ["id"]=> string(2"id" 

    Welcome
    this was with the id='3'
    PHP Code:
    array(2) { ["$id"]=> string(2"id" ["id"]=> string(2"id" 

    WelcomeFrancis 
    I put the codes as follows under the connect db and above the $query
    PHP Code:
    $id=$_SESSION['id'];
        
    var_dump$_SESSION ); 

  25. #25
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    So it appears that there is something wrong with the place that sets the id in the session.

    You should be getting this;
    Code:
    array(1) { ["$id"]=> string(1) "3" }
    or, even this:
    Code:
    array(1) { ["$id"]=> int(1) 3 }
    So where are you setting the $_SESSION['id'] originally?


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •