Nematode128 Posted April 14, 2020 Share Posted April 14, 2020 (edited) Hello I'm currently working on a staff page for my website and I'm having trouble with a function not working corrrectly. The function is supposed to display an error message if the logged in user isn't a high enough level however it doesn't seem to be correctly getting the users rank level correctly cause in the error message it returns "You have a rank of" instead of "You have a rank of x". Here are my codes below maindir/header.php $username = $_SESSION['username']; $sql = "SELECT * FROM users WHERE username=? LIMIT 1"; // SQL with parameters $stmt = $link->prepare($sql); $stmt->bind_param("s", $username); $stmt->execute(); $result = $stmt->get_result(); // get the mysqli result $user = $result->fetch_assoc(); // fetch data function verify_staff() { if ($user['rank'] <= '2') { echo " <div class='alert alert-danger' role='alert'> You're not supposed to be here. You have a rank of " . $user['rank'] . " </div> "; exit; } } /maindir/staff/index.php <?php require '../header.php'; verify_staff(); echo "Staff panel"; require '../footer.php'; ?> Edited April 14, 2020 by Nematode128 Quote Link to comment Share on other sites More sharing options...
gw1500se Posted April 14, 2020 Share Posted April 14, 2020 First do not use * in your query. Only ask for the columns you intend to use. As for your question, you need to make sure the query is returning what you expect. Do this to verify it: echo "<pre>"; print_r($user); echo "</pre>"; Quote Link to comment Share on other sites More sharing options...
NotSunfighter Posted April 14, 2020 Share Posted April 14, 2020 Why are you pulling everything from the db with the * when all you want is the rank? In your echo you are putting a double quote inside a double quote. => You have a rank of " . $user['rank'] . " Quote Link to comment Share on other sites More sharing options...
Nematode128 Posted April 14, 2020 Author Share Posted April 14, 2020 8 minutes ago, NotSunfighter said: Why are you pulling everything from the db with the * when all you want is the rank? In your echo you are putting a double quote inside a double quote. => You have a rank of " . $user['rank'] . " I'm getting username, email and a few other things later on. Quote Link to comment Share on other sites More sharing options...
Nematode128 Posted April 14, 2020 Author Share Posted April 14, 2020 11 minutes ago, gw1500se said: First do not use * in your query. Only ask for the columns you intend to use. As for your question, you need to make sure the query is returning what you expect. Do this to verify it: echo "<pre>"; print_r($user); echo "</pre>"; I know $user is returning other values because it can echo $user['username'], $user['email']; etc from the table no problem Quote Link to comment Share on other sites More sharing options...
Barand Posted April 14, 2020 Share Posted April 14, 2020 The variable "$user" does not exist inside your function (variable scope!). Pass it in your function call. E.G. verify_staff($user); Quote Link to comment Share on other sites More sharing options...
Nematode128 Posted April 14, 2020 Author Share Posted April 14, 2020 1 minute ago, Barand said: The variable "$user" does not exist inside your function (variable scope!). Pass it in your function call. E.G. verify_staff($user); Okay that makes sense. Would I have to run another sql query inside the function then? Quote Link to comment Share on other sites More sharing options...
Barand Posted April 14, 2020 Share Posted April 14, 2020 $user is already the output from a query you have just run. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.