Jump to content

Archived

This topic is now archived and is closed to further replies.

pro_se

** solved ** user profile

Recommended Posts

hey! i am creating an online community and whenever someone pulls up a profile it displays information from a database... duh! but when someone puts a fake url or non-existant user id into the url it shows a profile page with nothing in it... how can i instead of a blank page have a message saying invalid user or somthing like that... this is what i was thinking... [code]<?php
require 'db_connect.php';
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM users WHERE id=$id");
while($num=mysql_num_rows($result))
{if ($num == 0){ die('This user does not exist!'); }
}
?>[/code]

tell me what u think

Share this post


Link to post
Share on other sites
umm i dont really understand what you have above ive never used die before but heres something simpler if u need
<?php
require 'db_connect.php';
$id = $_GET['id'];
$query = mysql_query("SELECT count(id) FROM users WHERE id=$id");
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result)){
$id_count = $row['id'];
if($id_count =< "0")
{
echo"The user does not exist";
exit;
}
?>

Share this post


Link to post
Share on other sites
no.... okay... the user does not exist... a 10 year old kid messes around with the url and makes it http://somthing.com/?user=4534 and the real users id is like 3.... i want it to say invalid user only if the user does not exist but there are other people... it just needs to attempt to find a row and if it does not exist say invalid user...

Share this post


Link to post
Share on other sites
well than the above should work if not try this added Or $id_count == "" to it so if its blank
[code]
<?php
require 'db_connect.php';
$id = $_GET['id'];
$query = mysql_query("SELECT count(id) FROM users WHERE id=$id");
    $result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result)){
$id_count = $row['id'];
if($id_count =< "0" OR $id_count == "")
{
echo"The user does not exist";
exit;
}
?>
[/code]
and im certain this will work works for me im using it in my site.

Share this post


Link to post
Share on other sites
Parse error: parse error, unexpected $ in /var/www/user.php on line 363

there is no 363...  ???

Share this post


Link to post
Share on other sites
For your original example, you wouldn't put mysql_num_rows() in the while() part because it doesn't return an array or anything like that, just a number. For the second example by desithugg, that wouldn't work if my table key was p_id or something like that. Here is what I would use:

[code]
<?php
include("db_connect.php");

$query = "SELECT * FROM users WHRE id = '{$id}'";
$result = mysql_query($query) or die(mysql_error());

$count = mysql_num_rows($result);

if ($count > 0){
    while ($user = mysql_fetch_assoc($result)){
        // Do stuff here....
    }
} else {
    echo "This user does not exist.";
    // Template stuff, if any.

    exit();
}

?>[/code]

Share this post


Link to post
Share on other sites
[code]
<?

$sql_name_check = mysql_query("SELECT * FROM users WHERE id='$id'");
$name_check = mysql_num_rows($sql_name_check);

if($name_check == 0){

    print "No such user!";

    exit;
}

?>
[/code]

This works for me.

Share this post


Link to post
Share on other sites
o.o yea but i like to keep it simple lol
any ways i see that in almost all your posted ocdes do u mind telling me what it does
 exit(1); why is that 1 there

Share this post


Link to post
Share on other sites
[quote author=Jervous link=topic=105017.msg419235#msg419235 date=1156134475]
For your original example, you wouldn't put mysql_num_rows() in the while() part because it doesn't return an array or anything like that, just a number. For the second example by desithugg, that wouldn't work if my table key was p_id or something like that. Here is what I would use:

[code]
<?php
include("db_connect.php");

$query = "SELECT * FROM users WHRE id = '{$id}'";
$result = mysql_query($query) or die(mysql_error());

$count = mysql_num_rows($result);

if ($count > 0){
    while ($user = mysql_fetch_assoc($result)){
        // Do stuff here....
    }
} else {
    echo "This user does not exist.";
     // Template stuff, if any.

     exit();
}

?>[/code]
[/quote]
yea it wouldve lol
WHERE id=$id" see that part :)
so there is a row called id
btw. can som1 read my thread
[url=http://www.phpfreaks.com/forums/index.php/topic,105015.0.html]http://www.phpfreaks.com/forums/index.php/topic,105015.0.html[/url]
im kinda stuck lol need ome helo no1s answered ive made bout 20 posts waiting for 1 reply

Share this post


Link to post
Share on other sites
What do you mean by yeah it would've? I have fixed the WHERE misspelling, and comment the code so you know what's going on. I have also changed the code a bit, because on a single profile page only one row would have to be returned.

[code]
<?php
// Include connect file
include("db_connect.php");

// Setup query and do query
$query = "SELECT * FROM users WHERE id = '{$id}' LIMIT 1"; // Putting your variables in { and } makes them better somehow, it's slipped my mind ATM, but I know it's like a safety net.
$result = mysql_query($query) or die(mysql_error());

// Count the number of rows returned
$count = mysql_num_rows($result);

// If the amount of rows returned is more than 0, continue.
if ($count > 0){
    // Put user info into array.
    $user = mysql_fetch_assoc($result);
    // Do stuff here....
} else {
    // Show error message
    echo "This user does not exist.";
    // Template stuff, if any.
   
    // Exit the script
    exit();
}

?>[/code]

Share this post


Link to post
Share on other sites
That reminds me...you may have to put the {} around the id in my code also. I forgot about that too.

[code]
<?php

require 'db_connect.php';
$id = $_GET['id'];

$result = mysql_query("SELECT * FROM users WHERE id='{$id}'");
$name_check = mysql_num_rows($result);

if($name_check == 0){

    print "No such user!";

    exit;
}

?>
[/code]

Share this post


Link to post
Share on other sites
THANKS!!! all you guys rock! poco got it for me though... thanks dude!

Share this post


Link to post
Share on other sites
Wow...that is my first time successfully helping someone XD Your welcome.

You may want to put *SOLVED* for the subject, it helps people out that go around looking for someone to help.

Share this post


Link to post
Share on other sites
[quote author=pocobueno1388 link=topic=105017.msg419245#msg419245 date=1156135342]
Wow...that is my first time successfully helping someone XD Your welcome.

You may want to put *SOLVED* for the subject, it helps people out that go around looking for someone to help.
[/quote]
o.o lol congrats my time is still to come 114 posts one of that is bound to be helpful to someone

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.