RedInjection Posted October 30, 2015 Share Posted October 30, 2015 (edited) Hello <?php $sql = "SELECT role FROM users"; $result = $mysqli->query($sql); $row = $result->fetch_assoc(); $checkrole = $row['role']; if (logged_in() == true AND $checkrole == 'admin' ) { ?> <b>I am admin</b> <?php ; } <?php if (logged_in() == true AND $checkrole == 'user' ) { ?> <b>I am user</b> <?php ; } ?> My table has 1 admin and 1 user but when I run this script the user is saying admin when it should be saying user? I had this working and now its broke, I dropped my table and recreated but didn't fix it... Edited October 30, 2015 by RedInjection Quote Link to comment Share on other sites More sharing options...
0x00 Posted October 30, 2015 Share Posted October 30, 2015 You probably need a WHERE clause else its returning all users roles and you are only checking the first rows result: $sql = "SELECT role FROM users WHERE name='user'"; Quote Link to comment Share on other sites More sharing options...
RedInjection Posted October 30, 2015 Author Share Posted October 30, 2015 I changed to this $sql = "SELECT * FROM users where role = 'admin'"; It's still returning admin for when a user is logged in user role Quote Link to comment Share on other sites More sharing options...
0x00 Posted October 30, 2015 Share Posted October 30, 2015 (edited) Does admin have the admin role, is it also the first entry to have such a role, if so that will be your first result. In cases like this I test for a single result otherwise display an error msg (in debug anyway, else log it). Here I'm guessing that multiple users can have the same role, however each user has a unique username, id, etc... The easiest way to debug this is to loop the results and print them all out... while ($row = $result->fetch_assoc()) { echo ... } Scratch all that, you're asking it for users with admin role! So that's what you're getting!? I changed to this $sql = "SELECT * FROM users where role = 'admin'"; It's still returning admin for when a user is logged in user role Edited October 30, 2015 by 0x00 Quote Link to comment Share on other sites More sharing options...
0x00 Posted October 30, 2015 Share Posted October 30, 2015 (edited) You need to specify the current user, and not just by role... probably either by name, id, etc... depending on your table columns. Edited October 30, 2015 by 0x00 Quote Link to comment Share on other sites More sharing options...
RedInjection Posted October 30, 2015 Author Share Posted October 30, 2015 If I run a loop it only prints the word "admin" but there are 2 entrys in the table so it's like its all picking up first row, if i remove the row from table so the user moves up it will then print user? Quote Link to comment Share on other sites More sharing options...
0x00 Posted October 30, 2015 Share Posted October 30, 2015 What are the column tables of the table? Quote Link to comment Share on other sites More sharing options...
RedInjection Posted October 30, 2015 Author Share Posted October 30, 2015 Quote Link to comment Share on other sites More sharing options...
0x00 Posted October 30, 2015 Share Posted October 30, 2015 Try: $sql = "SELECT role FROM users WHERE username = 'user'"; or if you have the current users id then you could: $sql = "SELECT role FROM users WHERE id = '".$id."'"; Quote Link to comment Share on other sites More sharing options...
RedInjection Posted October 30, 2015 Author Share Posted October 30, 2015 Still showing "admin" even for a user logged in Quote Link to comment Share on other sites More sharing options...
0x00 Posted October 30, 2015 Share Posted October 30, 2015 Show the code then Quote Link to comment Share on other sites More sharing options...
benanamen Posted October 30, 2015 Share Posted October 30, 2015 (edited) Run this and show me the result. <?php $sql = "SELECT role FROM users WHERE username='user'"; $result = $mysqli->query($sql); $result->fetch_assoc(); print_r($result); ?> Edited October 30, 2015 by benanamen Quote Link to comment Share on other sites More sharing options...
QuickOldCar Posted October 30, 2015 Share Posted October 30, 2015 It may be your browser cache, try clearing it and try. Quote Link to comment Share on other sites More sharing options...
RedInjection Posted October 30, 2015 Author Share Posted October 30, 2015 Tried to clear my cache but same result I am afraid "SELECT role FROM users WHERE role='admin' mysqli_result Object ( [current_field] => 0 [field_count] => 1 [lengths] => Array ( [0] => 5 ) [num_rows] => 1 [type] => 0 ) SELECT role FROM users WHERE role='user' mysqli_result Object ( [current_field] => 0 [field_count] => 1 [lengths] => Array ( [0] => 4 ) [num_rows] => 1 [type] => 0 ) SELECT role FROM users WHERE role='user' or role='admin' mysqli_result Object ( [current_field] => 0 [field_count] => 1 [lengths] => Array ( [0] => 5 ) [num_rows] => 2 [type] => 0 ) Appreciate your help to all! Quote Link to comment Share on other sites More sharing options...
0x00 Posted October 30, 2015 Share Posted October 30, 2015 Why are you selecting by role? You need to select by the current users name or id... Quote Link to comment Share on other sites More sharing options...
benanamen Posted October 30, 2015 Share Posted October 30, 2015 (edited) Dang Mysqli, PDO would have given me the data, not an Object. Nevertheless, the result counts are right. What you have not shown is the code for logged_in() Edited October 30, 2015 by benanamen Quote Link to comment Share on other sites More sharing options...
RedInjection Posted November 1, 2015 Author Share Posted November 1, 2015 Fixed it be reinstalling PHP, without any modifications my original script post works <?php $sql = "SELECT role FROM users"; $result = $mysqli->query($sql); $row = $result->fetch_assoc(); $checkrole = $row['role']; if (logged_in() == true AND $checkrole == 'admin' ) { ?> <b>I am admin</b> <?php ; } <?php if (logged_in() == true AND $checkrole == 'user' ) { ?> <b>I am user</b> <?php ; } ?> Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted November 1, 2015 Share Posted November 1, 2015 I have absolutely no idea how this could possibly “work”. You're randomly selecting the role of a user, and if that user happens to be an admin, then you consider the current user an admin as well? So anybody can be an admin on your site if they're lucky? Shouldn't you be selecting the actual user that's currently logged in? Quote Link to comment Share on other sites More sharing options...
0x00 Posted November 1, 2015 Share Posted November 1, 2015 But you are still fetching all the rows in the table and only checking against the first row, that could be anybodies role! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.