Jump to content

** solved ** user profile


pro_se

Recommended Posts

hey! i am creating an online community and whenever someone pulls up a profile it displays information from a database... duh! but when someone puts a fake url or non-existant user id into the url it shows a profile page with nothing in it... how can i instead of a blank page have a message saying invalid user or somthing like that... this is what i was thinking... [code]<?php
require 'db_connect.php';
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM users WHERE id=$id");
while($num=mysql_num_rows($result))
{if ($num == 0){ die('This user does not exist!'); }
}
?>[/code]

tell me what u think
Link to comment
Share on other sites

umm i dont really understand what you have above ive never used die before but heres something simpler if u need
<?php
require 'db_connect.php';
$id = $_GET['id'];
$query = mysql_query("SELECT count(id) FROM users WHERE id=$id");
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result)){
$id_count = $row['id'];
if($id_count =< "0")
{
echo"The user does not exist";
exit;
}
?>
Link to comment
Share on other sites

no.... okay... the user does not exist... a 10 year old kid messes around with the url and makes it http://somthing.com/?user=4534 and the real users id is like 3.... i want it to say invalid user only if the user does not exist but there are other people... it just needs to attempt to find a row and if it does not exist say invalid user...
Link to comment
Share on other sites

well than the above should work if not try this added Or $id_count == "" to it so if its blank
[code]
<?php
require 'db_connect.php';
$id = $_GET['id'];
$query = mysql_query("SELECT count(id) FROM users WHERE id=$id");
    $result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result)){
$id_count = $row['id'];
if($id_count =< "0" OR $id_count == "")
{
echo"The user does not exist";
exit;
}
?>
[/code]
and im certain this will work works for me im using it in my site.
Link to comment
Share on other sites

For your original example, you wouldn't put mysql_num_rows() in the while() part because it doesn't return an array or anything like that, just a number. For the second example by desithugg, that wouldn't work if my table key was p_id or something like that. Here is what I would use:

[code]
<?php
include("db_connect.php");

$query = "SELECT * FROM users WHRE id = '{$id}'";
$result = mysql_query($query) or die(mysql_error());

$count = mysql_num_rows($result);

if ($count > 0){
    while ($user = mysql_fetch_assoc($result)){
        // Do stuff here....
    }
} else {
    echo "This user does not exist.";
    // Template stuff, if any.

    exit();
}

?>[/code]
Link to comment
Share on other sites

[quote author=Jervous link=topic=105017.msg419235#msg419235 date=1156134475]
For your original example, you wouldn't put mysql_num_rows() in the while() part because it doesn't return an array or anything like that, just a number. For the second example by desithugg, that wouldn't work if my table key was p_id or something like that. Here is what I would use:

[code]
<?php
include("db_connect.php");

$query = "SELECT * FROM users WHRE id = '{$id}'";
$result = mysql_query($query) or die(mysql_error());

$count = mysql_num_rows($result);

if ($count > 0){
    while ($user = mysql_fetch_assoc($result)){
        // Do stuff here....
    }
} else {
    echo "This user does not exist.";
     // Template stuff, if any.

     exit();
}

?>[/code]
[/quote]
yea it wouldve lol
WHERE id=$id" see that part :)
so there is a row called id
btw. can som1 read my thread
[url=http://www.phpfreaks.com/forums/index.php/topic,105015.0.html]http://www.phpfreaks.com/forums/index.php/topic,105015.0.html[/url]
im kinda stuck lol need ome helo no1s answered ive made bout 20 posts waiting for 1 reply
Link to comment
Share on other sites

What do you mean by yeah it would've? I have fixed the WHERE misspelling, and comment the code so you know what's going on. I have also changed the code a bit, because on a single profile page only one row would have to be returned.

[code]
<?php
// Include connect file
include("db_connect.php");

// Setup query and do query
$query = "SELECT * FROM users WHERE id = '{$id}' LIMIT 1"; // Putting your variables in { and } makes them better somehow, it's slipped my mind ATM, but I know it's like a safety net.
$result = mysql_query($query) or die(mysql_error());

// Count the number of rows returned
$count = mysql_num_rows($result);

// If the amount of rows returned is more than 0, continue.
if ($count > 0){
    // Put user info into array.
    $user = mysql_fetch_assoc($result);
    // Do stuff here....
} else {
    // Show error message
    echo "This user does not exist.";
    // Template stuff, if any.
   
    // Exit the script
    exit();
}

?>[/code]
Link to comment
Share on other sites

That reminds me...you may have to put the {} around the id in my code also. I forgot about that too.

[code]
<?php

require 'db_connect.php';
$id = $_GET['id'];

$result = mysql_query("SELECT * FROM users WHERE id='{$id}'");
$name_check = mysql_num_rows($result);

if($name_check == 0){

    print "No such user!";

    exit;
}

?>
[/code]
Link to comment
Share on other sites

[quote author=pocobueno1388 link=topic=105017.msg419245#msg419245 date=1156135342]
Wow...that is my first time successfully helping someone XD Your welcome.

You may want to put *SOLVED* for the subject, it helps people out that go around looking for someone to help.
[/quote]
o.o lol congrats my time is still to come 114 posts one of that is bound to be helpful to someone
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.