PNewCode Posted March 10, 2023 Share Posted March 10, 2023 (edited) Hello wonderful people! This one has me about pulling my hair out. All my google research and php help topics I can find, tell me that there is nothing wrong with what I have. Though I fully accept that I am clearly doing something wrong, as this is not working. Below is my code (simplified). I didn't include the connection info for obvious reasons. And I didn't include all the pages scripting that just shows pictures and stuff that aren't related to this (just images that are embedded and what-not) The PROBLEM is that when I go to the page (example https://www.website.com/profile.php?id=65) it brings up the profile for the id 218. In fact, I can replace the "65" with ANY number, and it will still bring up the database info for ID 218 Any thoughts on this?Note: The only parts I'm not including in this entire pages script is just the embedded pictures and still stuff that I typed on the page to read, which has no functions at all Note 2: If I change the SELECT line to $sql = "SELECT * FROM users WHERE id = '$user_id' "; OR $sql = "SELECT * FROM users WHERE id = '$id' "; Then I just get "0 Results" writen on the page Note 3: Keep in mind that ALL of the data shows on the page. The problem is that it is getting id 218 instead of what I put in the url. <?php session_start(); $hostname="localhost"; $username="Removed for posting"; $password="Removed for posting"; $dbname="Removed for posting"; $conn = mysqli_connect($hostname, $username, $password, $dbname); if(!$conn){ echo "Database connection error".mysqli_connect_error(); } $id=$_GET['id']; $sql = "SELECT * FROM users"; $result = $conn->query($sql); if ($result->num_rows > 0) { // output data of each row while($row = $result->fetch_assoc()) { $user_token = $row["token"]; $fname = $row["fname"]; $email = $row["email"]; $unique_id = $row["unique_id"]; $facebook = $row["facebook"]; $instagram = $row["instagram"]; $twitter = $row["twitter"]; $youtube = $row["youtube"]; $tiktok = $row["tiktok"]; $osite = $row["osite"]; $favmovie = $row["favmovie"]; $favactors = $row["favactors"]; $favbands = $row["favbands"]; $favseason = $row["favseason"]; $birthday = $row["birthday"]; $locationn = $row["locationn"]; $sign = $row["sign"]; $imageURL = '/chat-v3/public/storage/images/'.$row["img"]; $bio = $row["bio"]; } } else { echo "0 results"; die(); } ?> ////// A bunch of pictures and stuff here within html that show up just fine //// <font face="Verdana, Arial, Helvetica, sans-serif"><b>User Info</b></font> <font face="Verdana, Arial, Helvetica, sans-serif"><b><?php echo $fname; ?></b></font> // The line above repeats to show the rest of the values in the database Edited March 10, 2023 by PNewCode Quote Link to comment Share on other sites More sharing options...
PNewCode Posted March 10, 2023 Author Share Posted March 10, 2023 ARGH!!! Update! I feel so silly now... it was in the WHERE statement. I typed it right in the description but I wasn't typing it right in the actual script. I was putting the "?" in both ends of it. Problem is solved with $sql = "SELECT * FROM users WHERE id = '$id'"; Sorry if I wasted anyones time. Problem solved. Quote Link to comment Share on other sites More sharing options...
gizmola Posted March 10, 2023 Share Posted March 10, 2023 The answer is that you are always getting the last row in the result set. Consider your current code. You query, then in a loop fetch every row from the result set and assign the values from the row to various temporary variables of the same name and purpose. First off, not to fix your problem, but --- there is no reason to do this. You get an associative array with the values nicely indexed by column name. Don't make a bunch of temporary variables when you don't need to. Just use $row['field'] when you need to display the value. Yes, you absolutely need to change your query to take the id passed to the script. According to what you provided that should be $_GET['id']. I don't know why that hasn't worked for you yet, but that's the correct way to do this, although, you should be using a prepared statement and bind variable rather than trying to interpolate the variable. Do it the right way. Consider the interpolation example you provided: SELECT * FROM users WHERE id = '$id' " This is incorrect if id is an integer, which we have to assume it is, since this is a numeric id. So you should not put quotes around it, because it is not a string. With that said, the mysqli_ binding probably allow this but it's sloppy and incorrect SQL. In summary, there may be an issue with the id, so make sure you debug that you are getting the value you expect from the $_GET array. (This also assumes you reach this page via an anchor href). We don't have the code to know for sure what you are doing. if (empty($_GET['id']) { // this page shouldn't be entered, because no valid id was passed // maybe redirect? exit("invalid"); } $id = (int)$_GET['id']; $sql = "SELECT * FROM users WHERE id=?"; $stmt = $conn->prepare($sql); $stmt->bind_param("i", $id); $stmt->execute(); $result = $stmt->get_result(); $user = $result->fetch_assoc(); 1 Quote Link to comment Share on other sites More sharing options...
gizmola Posted March 10, 2023 Share Posted March 10, 2023 Just as I posted, I saw your reply, however, the points I have made and sample code are still things you should consider. 1 Quote Link to comment Share on other sites More sharing options...
PNewCode Posted March 11, 2023 Author Share Posted March 11, 2023 @gizmola Thank you very much for the insight and education. I much appreciate it Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.