I have this function that gets the last user login time;
///////////////////////////////////////////////////////////////////////////////////////////////////////
// BEGIN QUERY TO GET USER DATA
function get_userlastlogin($uid,$un) {
require 'includes/db.config.php';
$query = "SELECT
users.user_lastlogin
FROM users
WHERE users.id = '$uid' AND username = '$un'
";
try
{
$stmt = $db->prepare($query);
$stmt->execute();
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$users_data = $stmt->fetchAll(PDO::FETCH_ASSOC);
return $users_data;
}
I want to use it with this code to return just the lastlogin value;
None of this really has any relevance to the error. Undefined Index usually means that you are referencing a variable that was never created and thefore would make no sense. I assume you are trying to call your function.
Also, since you are using prepared statements, please use them correctly. What you are doing IS the cause of SQL Injection.
Itās weird that your query only retrieves one single column, yet the array returned contains more than one column, almost as if your query was running āselect *ā rather than as you have it. Any chance youāve got an old version on the server that is using the wrong query?
On another thing, I think it would be clearer if you just used fetch() instead of fetchall() - the nature of the query is such that it should only return one row, youāre assuming it only returns one row in any case, so you could remove the second dimension of the array (by using fetch()) and make things nicer. IMO of course.
Sorry, I managed to sort out the function with some help, here is the final code Iām using;
///////////////////////////////////////////////////////////////////////////////////////////////////////
// BEGIN QUERY TO GET USER DATA
function get_specificuserinfo($uid,$un,$col) {
require 'includes/db.config.php';
$query = "select " . $col . " from users where users.id = '$uid' and username = '$un'";
try
{
$stmt = $db->prepare($query);
$stmt->execute();
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$data = $stmt->fetchColumn(); // you could use this as it's only a single column
return $data; // after checking it returned something
}
My issue now is I want to use a similar method to get profile data, but itās more complex because I have numerical values stored in the profiles table (say for height for example) that link to another tableās id frmHeight for example that should then return the actual human friendly value ā5ft 8"ā for example.
Iām using joins the query to display the full profile but am in need of calling the specific values for the edit profile pages.
You need to either have a function that āknowsā that some columns require a separate lookup and have it cope with that, or call the profile function to get the height-code and then, in your calling code, retrieve the description for the height. Because the profile seems to have joins to other tables, then perhaps thatās a reason for it reverting to your original code style that loads the entire profile and only returns the required column.
Might have been better to store the height in inches and just have a display function to convert it into feet and inches, rather than a look-up table. Apart from anything else, itād be easier to sort or perform calculations on it.
With height in feet and inches, I would probably store as numerical data, either decimal feet, or inches as an integer, as thatās more machine friendly. Then have a function to convert the value to a human friendly string on retrieval.