How to access a database with user logs in

[Icewolf]

Hi

I am trying to get data from a sql database based on who logs in. I am having problems getting it to display.

I am not sure how to ge this to look at the query piece. I have tried to do it on a sperate PHP page as well as with in the same PHP file.

	<!--fetch tha data from the database
													while ($row = mysql_fetch_array($result)) 													
													echo "-->
													<form action="Dropdown_new.php" target="showhere">
														<table width=844 cellspacing=2 cellpadding=2 border=2>
															<tr>
																<td bgcolor=#000000 width=150><font face=tahoma color=white>ID: {$row['Member_ID']}</font></td> 
																<td width=150><font face=tahoma>Bank: {$row['Bank']}</td> 
																<td width=150><font face=tahoma>Reward 1: {$row['Reward_1']}</td> 
																<td width=150><font face=tahoma>Reward 2: {$row['Reward_2']}</td> 
																<td width=150><font face=tahoma>Reward 3: {$row['Reward_3']}</td>
															</tr>
														  </table>
													</form>
												   <iframe width="800" height="100" name="showhere" marginheight="0" marginwidth="0" frameborder="0" scrolling="no"> </iframe>
	

Here is the query piece do I need to name this and then call that name below to get it to display?

<?php 
$username = "pdogclan";
$password = "topdog0208";
$hostname = "localhost";
 
//connection to the database
$dbhandle = mysql_connect($hostname, $username, $password)
 or die("Unable to connect to MySQL");
echo "<font face=tahoma color=#ff000><b>Connected to MySQL</b></font><br><br>";

//select a database to work with
$selected = mysql_select_db("pdogclan_points",$dbhandle)
  or die("Did this change");
  
// Formulate Query
$memid = mysql_real_escape_string($_COOKIE['username']);
$query = sprintf("SELECT Member_ID, Bank, Reward_1, Reward_2, Reward_3 FROM Points_Rewards WHERE Member_ID = '$memid'") or die("Could Not Formulate the Query");

//execute the SQL query and return records
$result = mysql_query($query);

// Check result
// This shows the actual query sent to MySQL, and the error. Useful for debugging.
if (!$result) {
    $message  = 'Invalid query: ' . mysql_error() . "\n";
   $message .= 'Whole query: ' . $query;
    die($message);
}
?>

[Muddy_Funster]

you don't pass in the member id, you pass in what you think is the username (have you done a var_dump() of the actual cookie contents to check what's actualy in there?), also, you haven't called your sprintf properly, it should look something a bit like :

 

$query = sprintf("SELECT Member_ID, Bank, Reward_1, Reward_2, Reward_3 FROM Points_Rewards WHERE username = %s", $memid);

you don't need to "or die" the sprintf() function as it's coverd bt PHP's native error capture.

 

Have you looked at using PDO at all?

[litebearer]

BTW, I hope those are NOT your actual username and password

[Icewolf]

you don't pass in the member id, you pass in what you think is the username (have you done a var_dump() of the actual cookie contents to check what's actualy in there?), also, you haven't called your sprintf properly, it should look something a bit like :

$query = sprintf("SELECT Member_ID, Bank, Reward_1, Reward_2, Reward_3 FROM Points_Rewards WHERE username = %s", $memid);

you don't need to "or die" the sprintf() function as it's coverd bt PHP's native error capture.

 

Have you looked at using PDO at all?

Hi

What do you mean by Vardump? I am new to this kind of code.

[PaulRyan]

You are using "mysql_fetch_array($result)" which actually returns an array of the values using numbers e.g. "$row[0]"

 

Try using this:

 

while ($row = mysql_fetch_assoc($result)) 

[Muddy_Funster]

var_dump() is used to "dump" the contents of a variable, it's used like

var_dump($_COOKIE['username']);

you can wrap it insord a die() for debugging variables as you work through your code,

die(var_dump($_COOKIE['username']));

 

 

 

You are using "mysql_fetch_array($result)" which actually returns an array of the values using numbers e.g. "$row[0]"

 

Try using this:

while ($row = mysql_fetch_assoc($result)) 

 

Actualy, unless defined in the code, mysql_fetch_array returns both associative and numerical array data - see here : http://php.net/manual/en/function.mysql-fetch-array.php

[PaulRyan]

@Muddy_Funster - Kudos, had a complete brain fart with that.

[Icewolf]

So this Var_Dump should show me what cookies for that if I am getting a null back then that means that specific coding to pull the cookie is not correct right? How do I figure out what the could should be?

 

var_dump() is used to "dump" the contents of a variable, it's used like

var_dump($_COOKIE['username']);

you can wrap it insord a die() for debugging variables as you work through your code,

die(var_dump($_COOKIE['username']));

Actualy, unless defined in the code, mysql_fetch_array returns both associative and numerical array data - see here : http://php.net/manual/en/function.mysql-fetch-array.php

[Muddy_Funster]

vardump will display the content of any variable that it is called against at the time that it is called.  I wonder though, are you setting a cookie or are you using the PHP session superglobal? if you are setting a cookie it could be that the setting is the problem as well as/ instead of the getting.  You should have some logic to check the existance of cookies and session variables before you call them in the code - people may have cookies turned off for example - to safeguard against trying to check against unset/non existant variables/content.