quick PHP Help

denby · 29 May 2012 at 20:18

hi

can anyone shed any light on why this query does not work?

Code:

$result=mysql_query("SELECT uid FROM users WHERE username='$_POST[username]' ");

$end = mysql_result($result);

echo $end;

'$_POST[username]' is being sent by the previous page

thanks :confused:

JosephDuffy · 29 May 2012 at 21:32

Although it might not be the actual problem that is stopping this code from working, it should be noted that "$_POST['username']" should be used (note the single quotes).
Have you tried using "echo $_POST['username']" to view the value when the page is loaded?
One final thing, you should at least use mysql_real_escape_string why inputting into a database, if not prepared statements (mysqli or PDO).

denby · 29 May 2012 at 21:45

hi

that code just gives me a blank page

but when i do this i get the username from the previous page ,

Code:

$usrnme = $_SESSION['username'];
echo $usrnme;

im now just trying to get the uid that relates to the username in this case the uid is "1"

Ross1234 · 29 May 2012 at 21:53

Did you make a connection?

for example:

PHP:

$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');

You can check for an error with

PHP:

mysql_error()

denby · 29 May 2012 at 22:01

Ross1234 said:
Did you make a connection?

for example:

PHP:

$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');

You can check for an error with

PHP:

mysql_error()

Yeah i have included the file that handles the connection

Edward01 · 29 May 2012 at 22:08

denby said:
hi

that code just gives me a blank page

but when i do this i get the username from the previous page ,

Code:

$usrnme = $_SESSION['username']; echo $usrnme;

im now just trying to get the uid that relates to the username in this case the uid is "1"

Surely you should be getting the username not the uid?? or is it just mislabelled??

Copy the mysql statement and paste it into phpmyadmin and see if it works, (with a username you know will work!).

GaryH-21 · 29 May 2012 at 23:56

Can you post the HTML for the form you're using please?

$result=mysql_query("SELECT uid FROM users WHERE username='" . $_POST['username'] ."' ");

I like doing it that way, but I think your way should work too..... but yeah, if you could post the form's html that would be great

Crowze · 30 May 2012 at 13:28

You need to use curly braces for more complex variables in double-quoted strings, like so:

PHP:

$result=mysql_query("SELECT uid FROM users WHERE username='{$_POST['username']}'");

Also, you shouldn't be dropping POSTed data stright into the query without sanitizing it first - look into mysql_real_escape_string for a quick fix.

Edit: Or use concatenation like GaryH said... personally I prefer this way as it looks neater.

denby · 30 May 2012 at 15:57

ok so ,the whole query looks like this now

Code:

$r=mysql_query("SELECT uid FROM users WHERE username='{$_POST['username']}'");
$last = mysql_fetch_array($r); 
echo ($last);

but still shows nothing on the page

what could be wrong

thanks

Muffherwell · 30 May 2012 at 16:08

Not too sure why that isn't working, however, I like to get variables from another page and store them in new variables. Not sure if it changes anything, but try catching the variable from the previous page as you did above:

Code:

$username = $_SESSION['username'];

And then change your query to:

Code:

$r=mysql_query("SELECT uid FROM users WHERE username= $username");
$last = mysql_fetch_array($r); 
echo ($last);

Also, unless I'm missing something, it should be:

Code:

echo ''.$last.'';
or
echo $last;