Echo from database

PHP
1

Hi there,

Im trying to echo a number from my database and trying to show on page.
This is a test page I wa trying it on:

<?php include("function.php"); ?>

<?php 

		$myUser = $_SESSION["user"];

		$myPoints = mysqli_query($con, "SELECT points FROM balances WHERE userId = '$myUser'");
		$row = mysqli_fetch_array($myPoints);
		$tempScore = $row['points'];


		?>
		
        points here..<?php   echo $tempScore;   ?>......here

Here is the function file:

<?php 
$con = mysqli_connect("localhost", "db", "password", "user_db"); 
init($con);

function init($con){

	
	session_start();
	if (isset($_SESSION['active']) != true) {
		$_SESSION['active'] = true;
	} 
	$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
	
	if(isset($_GET['logout'])){
		session_destroy();
		header( 'Location: /index.php' ) ;
	
	}	
	
	if (mysqli_connect_errno())
  	{
		echo mysqli_connect_error();
		exit();
  	}
$result =  mysqli_query($con, "SELECT name, email, url FROM admin LIMIT 1");
$row = mysqli_fetch_array($result);

 $adminEmail = $row['email'];
 $siteUrl = $row['url'];
 $siteName = $row['name'];
}

if(!isset($_SESSION["ref"])){
		if(isset($_GET["ref"])){
		$_SESSION["ref"] = 	mysqli_real_escape_string($con, $_GET["ref"]);
		} else {
		$_SESSION["ref"] = "";	
		}
	
	} else {
	if(isset($_GET["ref"])){
		$_SESSION["ref"] = 	mysqli_real_escape_string($con, $_GET["ref"]);
		}	
	}

?>

Its not showing any errors or numbers at all when page is loaded.
What might be wrong with it?

Chad

2

Hi Chad,

Have you tried checking $myUser to be sure that it actually contains a value?

3

How would you check that? With mysqli_error?

Chad

4

You can just do echo $myUser; and see what it spits out.

5

It seems it is spitting out an array. The word that came up was “Array”.

Why is that?

chad

6

The code you posted doesn’t show $_SESSION[“user”] being set, so you’d have to look at the rest of your code to see what value you’re assigning.

7

I searched and someone did this: var_dump($user); right before $myUser = $_SESSION[“user”]; to see what happens, and this is what it showed:
array(1) { [“userId”]=> string(8) "jsdhsu " }

The jsdhsu is the userid that is logged in.

Here is my login.php code

<?php include("function.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login &bull; <?php echo $siteName; ?></title>
<?php include("headscript.php"); ?>
    <?php include("logscr.php"); ?>
</head>
<body>
<div id="wrapper">
  <div id="header">
    <div class="header_top">
      <div class="top">
        <div class="logo"> <a href="#">Adstar</a> </div>
      </div>
      <div class="clear"></div>
    </div>
    <div class="header_bottom">
<?php include("buttons.php"); ?>
      <?php include("menu.php"); ?>
    </div>
  </div>
  <div id="body">
    <div class="box">
        <?php
		if(isset($_SESSION["user"])){
			echo "<h2>You Are Already Logged In</h2><p>If you are trying to login with a different account, please remember you can not use Proxies when logging in.  If you want to sign into another account, close the browser and start again.";
		} else {
		
		if(isset($_POST['pass']) && isset($_POST['email'])){
			$email = mysqli_real_escape_string($con, $_POST["email"]);
			$pass = mysqli_real_escape_string($con, $_POST["pass"]);
			$checkPass = mysqli_query($con, "SELECT * FROM users WHERE email = '$email' AND password = '$pass'");
			
			if(mysqli_num_rows($checkPass) != 0){
				$confCheck =mysqli_query($con, "SELECT * FROM users WHERE email = '$email' AND confirmed = '1'");
				if(mysqli_num_rows($confCheck) != 0){
			$userId = mysqli_query($con, "SELECT userId FROM users WHERE email = '$email'");
			$uId1 = mysqli_fetch_assoc($userId);
			$_SESSION["user"] = $uId1;
			mysqli_query($con, "UPDATE users SET lastLogin = NOW() WHERE userId = '$uId1'");		
			echo "<h2>Login Successful</h2>
				} else {
				echo "<h2>Login Failed</h2><p>You need to confirm your account!  Login to your email and click the link provided.</p>";	
				}
			
			
			} else {
				$checkEmail = mysqli_query($con, "SELECT * FROM users WHERE email = '$email'");
				if(mysqli_num_rows($checkEmail) != 0){
				$userId = mysqli_query($con, "SELECT userId FROM users WHERE email = '$email'");
				echo "<h2>Login Failed</h2><p>The password you provided for $email is not valid.  <a href='login.php?user=$userId'>Request Your Password</a>.";
				} else {
					echo "<h2>Invalid Login Data</h2><p>The email you entered is not in our database.  You can create a new account today and begin earning in minuites.</a>.";
				}
				
			}
		} else {
		 echo "<h2>Error: Login Failed </h2> <p>An error occured when passing data to the login page.  Restart browser and try again.  If the problem happens again, please contact support.";	
		}
		}
	?>
        
    </div>
    
    <div class="clear"></div>
    
  </div>
  
  <div id="footer">
  	  	<ul>
    	<?php include("footlinks.php"); ?>
       
    </ul>
  </div>
</div>
<?php include("footer.php"); ?>
</body>
</html>
8

OK, so here is the relevant section of code:


$userId = mysqli_query($con, "SELECT userId FROM users WHERE email = '$email'"); 
$uId1 = mysqli_fetch_assoc($userId); 
$_SESSION["user"] = $uId1;

The return value from mysqli_fetch_assoc is an array, even if you select only one column from the DB. The simplest solution would be to do this:

$_SESSION["user"] = $uId1['userId'];
9

Thank you so much fretburner.
That damn line actually fixed my whole website.
Thanks for your time in helping me.

Kind Regards Chad