Jump to content

Mysqli with a Function


headrush

Recommended Posts

Hi
 
I am trying to create 2 functions.
​one to check that user exists and the other to check that user is active.
 
However I keep getting the error unexpected ',' on line 4
 
 
When I remove the ',' I still get errors.
 
​Does anyone have any idea where I'm going wrong and how to resolve?
​Thanks
 
<?php
function user_exists($username) {
    $username = sanitize($username);
    $result = $mysqli->query($db,"SELECT COUNT(`user_id`) FROM `users` WHERE `username` ='$username'"), 0) == 1) ? true : false;
  
}
function user_active($username) {
    $username = sanitize($username);
    $result = $mysqli->query($db,"SELECT COUNT(`user_id`) FROM `users` WHERE `username` ='$username' AND `active` = 1 "), 0) == 1) ? true : false;
}
?>

 

 

Link to comment
Share on other sites

The code makes no sense, neither syntactically nor semantically. You have misplaced parentheses, a mysterious “0” parameter (what is that supposed to do?), and the query() method simply doesn't work like this.

 

You also shouldn't try to escape the input manually, because this is very error-prone. I don't even know what your sanitize() function does. Instead, use a prepared statement:

$user_exists_stmt = $databaseConnection->prepare('
    SELECT EXISTS (
        SELECT 1
        FROM users
        WHERE username = ?
    )
');

// Bind values to the parameters
$user_exists_stmt->bind_param('s', $username);

// Execute statement
$user_exists_stmt->execute();

// Bind results to variables and fetch them
$user_exists_stmt->bind_result($user_exists);
$user_exists_stmt->fetch();

// Inspect result
var_dump($user_exists);
Link to comment
Share on other sites

Hi
Thank you so much for your response.


​What I have done is created a login form. and on click submit it checks this

<?php


if (empty($_POST) === false) {
    $username = $_POST['username'];
    $password = $_POST['password'];

// If submited without entering in 1 box or both
    if(empty($username) === true || empty($password) === true) {
      $errors[] = 'You need to enter a username and password';

// If submited but username not in database
   } else if (user_exists($username) === false) {
      $errors[] = 'No username found. have you registered?';

   } else if (user_active ($username) === false) {
      $errors[] = 'You need to activate your account to allow log in!';

   } else {

    //somthing
}
 
   print_r($errors);

}

?>

And using what you have provided it uses the functions. However When I login if I enter nothing in the username and password it does say 'please enter username and password'. However if I enter the correct username and password. it shows this?

int 1

int 1

Array ( ) 

login.php

<?php

function user_exists($username) {
$db = new mysqli('localhost','','','testing');
$user_exists_stmt = $db->prepare
('SELECT EXISTS (SELECT 1 FROM users WHERE username = ?)');



// Bind values to the parameters
$user_exists_stmt->bind_param('s', $username);

// Execute statement
$user_exists_stmt->execute();

// Bind results to variables and fetch them
$user_exists_stmt->bind_result($user_exists);
$user_exists_stmt->fetch();

// Inspect result
var_dump($user_exists);
}


function user_active($username) {
$db = new mysqli('localhost','','','testing');
$user_active_stmt = $db->prepare
('SELECT EXISTS (SELECT 1 FROM users WHERE username = ? AND active =1)');


// Bind values to the parameters
$user_active_stmt->bind_param('s', $username);

// Execute statement
$user_active_stmt->execute();

// Bind results to variables and fetch them
$user_active_stmt->bind_result($user_exists);
$user_active_stmt->fetch();

// Inspect result
var_dump($user_exists);
}

?>

Link to comment
Share on other sites

what I mean in above is its now showing the errors its showing the result as either the below and not showing the test errors I created.
​The only time it shows the error message is when I don't enter in one or both boxes and submits and echos out the error

 

"You need to enter a username and password"

 

So I know its doing the checks

if user and password correct its displaying below

int 1
2. 
3.int 1
4. 
5.Array ( ) 


if user and password incorrect

int 1
2. 
3.int 1
4.int 0
5.Array ( ) 



if not registered
int 02. 
3.int 0
4.int 0
5.Array ( ) 
Link to comment
Share on other sites

There are still a lot of problems in your code.

 

You appearently expect your functions to return booleans, but there's no return statement anywhere. Opening a new database connection for every function call is also a bad idea, because it's extremely inefficient and leads to a lot of duplicate code. Instead, open a single connection for the script and send all your queries to that connection. You can pass the MySQLi object to your functions or use a global variable for the connection.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.