PHP Register & Login application error

[cardwell164]

hi guys. im a newbie in this forum and im glad that i found this. anyway, i have a problem with my code. i am creating a register and login application using php. however its not passing the data properly. i have tried to echo it and still its not showing. can anybody help me on this please? any assistance would be greatly appreciated 

 

here is my code for my init.php

<?php
session_start();

require 'database/connect.php';
require 'functions/general.php';
require 'functions/users.php';

if (logged_in() == true)
{
	$session_user_id = $_SESSION['userid'];
	$user_data = user_data($session_user_id, 'userid', 'username', 'password', 'firstname', 'lastname', 'email');
}

$errors = array();
?>

and this is my users.php which i think where lies the problem. i will just include the code of the function that creates the error.

<?php

function user_data($userid)
{
	$data = array();
	$userid = (int)$userid;

	$func_num_args = func_num_args();
	$func_get_args = func_get_args();

	if($func_num_args > 0)
	{
		unset($func_get_args[0]);
		$fields = '`' . implode('', $func_get_args) . '`';
		$data = mysql_fetch_assoc(mysql_query("SELECT '$fields' FROM users WHERE userid = '$userid'"));

		print_r($data);

		return $data;
	}
}

?>

supposedly it should print the query stored in $data however its not doing that

 

[mac_gyver]

your query is failing due to a sql syntax error. the fields listed in the SELECT list should not be enclosed in single-quotes. also, your $userid value is an integer, it shouldn't be enclosed by single-quotes in the query.

 

so, two things -

 

1) you need set php's error_reporting to E_ALL and display_errors to ON in your php.ini (the best place) or in your script, to get php to help you by reporting and displaying all the errors it detects.

 

2) you need to ALWAYS have error checking logic in your code to test if a step worked or not before trying to use the result you expect from that step, i.e. don't nest functions like mysql_fetch_assoc(mysql_query(" ...")), where the inner function can fail due to an error. putting error checking logic in your code makes your code self troubleshooting, your code will tell you when and why it is failing, no guessing is needed.

[Ch0cu3r]

is this just another repeat of this

http://forums.phpfreaks.com/topic/283160-problem-pulling-data-from-database/ and http://forums.phpfreaks.com/topic/282635-cannot-view-the-fields-unless-i-state-select-all-but-it-still-does-not-work/

 

You got this from phpacademy.org right? Ask them for support

Edited October 25, 2013 by Ch0cu3r

[mac_gyver]

lol, well each of the OP's hacked up the code differently, so technically not the same code

 

though it's the same root problem - copy/pasting code, rather than actually learning and writing the code you want because you know what it does and it does what you want.

[cardwell164]

im still new to php and i mostly get my learnings off the internet. i copy the codes to check if they run correctly and understand them afterwards. thanks for the help guys. however im still experiencing the same problem

[Ch0cu3r]

Change the user_data function to

function user_data($userid)
{
	$data = array();
	$userid = (int)$userid;

	$func_num_args = func_num_args();
	$func_get_args = func_get_args();

	if($func_num_args > 0)
	{
		unset($func_get_args[0]);
		$fields = '`' . implode('', $func_get_args) . '`';
		// check the query executed. mysql_query returns false if there is an error
		if(($result = mysql_query("SELECT '$fields' FROM users WHERE userid = '$userid'")) !== false)
		{
			// check that the query did actually return any results
			if(mysql_num_rows($result))
			{
				return mysql_fetch_assoc($result); // return the result
			}
			// query didn't return any results
			else
			{
				echo 'user_data() query returned no results!';
			}
		}
		// qeuery has failed find out why using msyql_error();
		else
		{
			echo 'user_data() query has failed - ' . mysql_error();
		}
	}
	return false;
}

It should echo out an error message about why the user_data() function is not returning any data.

[cardwell164]

thanks for that sir you have been very helpful. i was able to identify the problem now. its not returning any results. i am debugging it as i am posting this

Edited October 27, 2013 by cardwell164

[Ch0cu3r]

The query used in user_data() function will only work if the $_SESSION['userid'] variable contains the id value for the logged in user. Check that this variable is set correctly when the user logs in.

[cardwell164]

thanks again for the help sir. that part is fixed now. however i have encountered another problem its now saying:

 

Warning: mysql_result() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\registerlogin\core\functions\users.php on line 34

 

i really dont know why its saying that. i have double checked that function and i dont see anything wrong there. i hope you will still help me. anyway here is my code

function user_exists($username)
{
	$username = sanitize($username);
	$query = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username'");
	return (mysql_result($query, 0) == 1) ? true : false;
}

could it be something wrong with my apache version?

[Ch0cu3r]

 

 

could it be something wrong with my apache version?

Nothing to do with Apache. it is just that phpacademy has coded the login/register script poorly. This is why you are getting so many errors.

 

You need to check that the query has returned a result before you call mysql_result(). Change the function to the following to see what could be wrong

function user_exists($username)
{
    $username = sanitize($username);
    if($result = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username'"))
    {
        if(mysql_num_rows($result))
          return (mysql_result($result, 0) == 1) ? true : false;
        else
          echo 'user_exists() query returned no results!';
    }
    else
      echo 'user_exists() query return: ' . mysql_error();
}

Edited October 28, 2013 by Ch0cu3r

[cardwell164]

by the way i tried to echo the query and it displayed it correctly

[Ch0cu3r]

What does my code output when you run it? Just because the query appears to be formatted correctly when you echo it does not mean there is nothing wrong with it. 

 

When executing query's you need to check that it executed and that it returned any results. You cannot always assume a query will execute OK.

[cardwell164]

 

Nothing to do with Apache. it is just that phpacademy has coded the login/register script poorly. This is why you are getting so many errors.

 

You need to check that the query has returned a result before you call mysql_result(). Change the function to the following to see what could be wrong

function user_exists($username)
{
    $username = sanitize($username);
    if($result = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username'"))
    {
        if(mysql_num_rows($result))
          return (mysql_result($result, 0) == 1) ? true : false;
        else
          echo 'user_exists() query returned no results!';
    }
    else
      echo 'user_exists() query return: ' . mysql_error();
}

you dont know how thankful i am to you sir. i just solved my problem. i do agree with you that phpacademy's coding style is coded somewhat poorly. however its the best resource i got that gets things explained very well. i have to hand it to alex though, he explains things very well and always says in the end why this particular function/technique etc. is useful. are there any tutorials that you can recommend?

Edited October 28, 2013 by cardwell164

[mac_gyver]

programming requires more than following along with some code in a tutorial you have found. you must actually understand what the code means and how it contributes to the goal you are trying to achieve. in your latest problem, you probably found you had an incorrect column name in the query. it's your responsibility to keep track what's going on in your code/variables/queries.

 

the code that Ch0cu3r has given you, twice in this thread, is called error checking logic. you need to ALWAYS test if a step that can fail due to an error has worked or not before trying to use the result from that step.

 

if you ALWAYS use error checking logic in your code, your code will help you troubleshoot, because your code will tell you if and why it failed.

[cardwell164]

it was a stupid mistake sir. in my connect.php, i called the wrong database name. instead of registerlogin, i had it loginregister. it turned out i was barking at the wrong tree. i wasnt able to include the die function because the tutorial didnt include it. anyhow, your help was the best!

[cardwell164]

programming requires more than following along with some code in a tutorial you have found. you must actually understand what the code means and how it contributes to the goal you are trying to achieve. in your latest problem, you probably found you had an incorrect column name in the query. it's your responsibility to keep track what's going on in your code/variables/queries.

 

the code that Ch0cu3r has given you, twice in this thread, is called error checking logic. you need to ALWAYS test if a step that can fail due to an error has worked or not before trying to use the result from that step.

 

if you ALWAYS use error checking logic in your code, your code will help you troubleshoot, because your code will tell you if and why it failed.

thanks for the advice sir. i will take note of that.