Guernica Posted July 2, 2007 Share Posted July 2, 2007 I have this on my php page: <?php if (array_key_exists('userid',$_SESSION)) { $query = "SELECT * FROM user WHERE userid=".$_SESSION['userid']." LIMIT 1"; echo "test #1 working<br>"; $result = mysql_query($query) or die(mysql_error()); echo "test #2 working<br>"; $row = mysql_fetch_assoc($result); echo "<center><b>Welcome "; echo "{$row['username']}</b><br/></center>"; } else { echo "Welcome Guest.<br/>"; } ?> I put the update tests there to see how far it got. It doesn't get to the #2 test echo. I have this at the top above html: <?php include("database.php"); require_once("security.php"); ?> The session start in security works everywhere else, and the database.php's connection works everywhere else. I can't see to find out why it gives me this error: have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIMIT 1' at line 1 Please help! Quote Link to comment Share on other sites More sharing options...
mkoga Posted July 2, 2007 Share Posted July 2, 2007 print $_SESSION['userid'] to see what value you're sending to the database. Quote Link to comment Share on other sites More sharing options...
AndyB Posted July 2, 2007 Share Posted July 2, 2007 Better yet, examine the query that is failing: $result = mysql_query($query) or die("Error: ". mysql_error(). " with query ". $query); Quote Link to comment Share on other sites More sharing options...
bubblegum.anarchy Posted July 2, 2007 Share Posted July 2, 2007 Also consider switching: if (array_key_exists('userid',$_SESSION)) { to: if (isset($_SESSION['userid'])) { Quote Link to comment Share on other sites More sharing options...
Guernica Posted July 2, 2007 Author Share Posted July 2, 2007 Yep, I got it fixed with the reply. Thanks. Now on my premium page, I want to display all the files they have uploaded. I have this: <?php if (array_key_exists('userid',$_SESSION)) { $query = "SELECT * FROM uploaded WHERE userid=".$_SESSION['userid']." LIMIT 25"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_assoc($result); echo "Your Files<br/>{$row['title']}"; } ?> Currently it only displays one file that is under their userid. I tested it. I want it to display all the files they uploaded. I thought the LIMIT thing took care of that... But anyway, what is wrong here? Do I have to call an entire coloumn? How does that change? Thannks!! Quote Link to comment Share on other sites More sharing options...
pikemsu28 Posted July 2, 2007 Share Posted July 2, 2007 you need a loop to display all rows <?php if (array_key_exists('userid',$_SESSION)) { $query = "SELECT * FROM uploaded WHERE userid=".$_SESSION['userid']." LIMIT 25"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_assoc($result); echo "Your files:"; do { echo $row['title']."<br />"; } while ($row = mysql_fetch_assoc($results)); } ?> that should display all rows Quote Link to comment Share on other sites More sharing options...
Guernica Posted July 2, 2007 Author Share Posted July 2, 2007 It displays: Your files: guern\'s file! Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/ventura/public_html/upload/premium/index.php on line 88 Quote Link to comment Share on other sites More sharing options...
AndyB Posted July 2, 2007 Share Posted July 2, 2007 Look closely - $results should be $result Quote Link to comment Share on other sites More sharing options...
Guernica Posted July 2, 2007 Author Share Posted July 2, 2007 WOw, thanks a lot man. I didn't see that, sry. What do you do to make a thing app between each value of that column or whatever? Like if I wanted a <td> before and a </td> after? Thanks a lot u guys!! edit: I am currently using just a regular varchar blahblah for passwords and they aren't hashed or anything. How do i add that security to it? thanks again. Quote Link to comment Share on other sites More sharing options...
Guernica Posted July 2, 2007 Author Share Posted July 2, 2007 Edit: I got the pw has working on my own. Thanks for your help. bah! edit: I put this in my login code: $passwordHash = sha1($_POST['password']); and $query = "SELECT * FROM user WHERE username='$username' and password='$passwordHash'"; as my query to run. The input field is named password. It doesn't recognize the password from the database... What am I doing wrong? This is the entire thing after the query: $query = "SELECT * FROM user WHERE username='$username' and password='$passwordHash'"; $result = mysql_query($query) or die(mysql_error()); if ($row=mysql_fetch_assoc($result)) { require_once("./security.php"); echo "You are now logged in!"; $_SESSION['userid'] = $row['userid']; } else { echo "Account info not found."; } } ?> That stuff works! Cause it displays: Account info not found. So what is wrong here...? Thanks a bunch guys! There is still a question in my previous post if anyone can help there. Quote Link to comment Share on other sites More sharing options...
pikemsu28 Posted July 3, 2007 Share Posted July 3, 2007 your password has to be stored as hashed as well before you can perform a search on it Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.