Jump to content

I don't understand mysql SELECT.

macfall

By macfall
in PHP Coding Help

Recommended Posts

macfall Newbie

macfall

Posted
Posted

I have a database for members that looks like this:

 

| id | username | password | supporter | info |

  1    person      pass        yes      blahblahblah

  2    person2     pass        no       NULL

  3    person3     pass        no       NULL

  4    person4     pass        yes      blahblahblah

 

where "supporter" is a enumerated field with the two values, 'yes' and 'no', and "info" is just a text field for comments.

 

What I need to do is to create a cookie that distinguishes between supporters and non-supporters (i.e., those who have given me money and those who haven't). So I need to be able to tell which value is in the "supporter" field for a given member.

 

It would look like this:

 

if {

setcookie("supporter");

}

else {

setcookie("non_supporter");

}

 

But I don't know how to determine whether the member is a supporter. I have looked over several tutorials, and I fail to see how the SELECT query can be made to read from a particular row in a table. If I have 4 rows, and the member is on the third row, how do I make SELECT give me the value of "supporter" for that user?

Link to comment
https://forums.phpfreaks.com/topic/242507-i-dont-understand-mysql-select/
Share on other sites
macfall Newbie

macfall

Posted
  • Author
Posted

K, looks like I'm not doing this right.

 

This is the login script I'm using, and I'm using it to set the cookie for supporters:

 

<?php
session_start(); //Start sessions
mysql_connect('localhost', 'thrrive2', 'Cf3>AzhB?P')
or die ("Could not connect to mysql because ".mysql_error());
mysql_select_db('thrrive2_fledgepressusers')
or die ("Could not select database because ".mysql_error());
if(mysql_num_rows(mysql_query("SELECT * FROM dbUsers WHERE username='".$_POST["username"]."' and password='".$_POST["password"]."'"))==1)
{
include("back.php");
mysql_query("SELECT supporter FROM dbUsers WHERE username='".$_POST["username"]."' and password='".$_POST["password"]."'");
$supporter=$_POST["supporter"];
if($supporter=="yes")
	{
	setcookie("fledge_press", time()+86400);
	}
session_register("username"); //Create the session
}
else
{
echo 'Wrong username or password!';
include("back.php");
}
?>

 

Login works fine, but apparently it's not setting the cookie. I use this to determine whether or not the cookie has been set:

 

<?php
session_start();
if(isset($_COOKIE['fledge_press']))
{
echo "The cookie exists, " .$_POST["username"]. "."; 
}
else	
{
echo "The cookie does not exist, " .$_POST["username"]. ".";
}
?>

 

And even after a successful login, and having double- and triple-checked to make sure that the "supporter" field is set to "yes", the cookie does not get set.

 

Also I think I have a problem passing the "username" value, because nothing shows up for it in the above code, no matter which message I get.

dcro2 Newbie

dcro2

Posted
Posted

Look very carefully at these two lines:

	mysql_query("SELECT supporter FROM dbUsers WHERE username='".$_POST["username"]."' and password='".$_POST["password"]."'");
$supporter=$_POST["supporter"];

See the problem yet? Where is the value of $supporter coming from?

 

You have to fetch a row from the query (see mysql_fetch_array) and then get the field from that array.

$row = mysql_fetch_array($result);
$supporter = $row['supporter'];

Also, always run anything you get from $_POST or $_GET through mysql_real_escape_string before passing it through a query or somebody is bound to do this:

SELECT * FROM dbUsers WHERE username='username' and password='blah' OR 1=1

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.