-1

I can't seem to display the information of the user currently logged in. I'm not sure what I'm doing wrong here. I've got my login page and logout function working correctly, and when I register a user it add that user to the database, but I want to be able to display the current users data when they log in.

<?php 
session_start();

// connects to the database
$mysqli = new mysqli("localhost", "root", "");


$query = "SELECT firstName, lastName, username, password, loyaltyPoints FROM user WHERE username = '".$_SESSION['username']."'";

if($result = $mysqli->query($query))
{
while($row = $result->fetch_assoc())
{

    echo $row['firstName'];
    echo $row['lastName'];
    echo $row['username'];
    echo $row['password'];
    echo $row['loyaltyPoints'];

}
$result->free();
}
else
{
echo "No results found";
}
?>

<html>

<head>  
</head>
<body>
Welcome! Click here to <a href="logout.php" tite="Logout">Logout.</a>
    or here to go to the home page --> <a href ="INDEX.html">HOME</a>
</body>
</html>
crazychris119
  • 51
  • 2
  • 12
  • 1
    I dont see you printing user information anywhere. Try this. Welcome ! Click ... – Rash Mar 30 '15 at 02:16
  • It still doesn't work. It says there's an undefined variable when I add that. – crazychris119 Mar 30 '15 at 02:21
  • How come you're asking for the password to be returned? If you need to match against the stored hash then query instead of retrieving then matching. – Bankzilla Mar 30 '15 at 02:21
  • You need to save the variable first so that its accessible. You are closing the $result. Hence you are not able to read it later. – Rash Mar 30 '15 at 02:22

1 Answers1

0

First off, you haven't selected any database yet. Do that first.

You current code:

$mysqli = new mysqli("localhost", "root", ""); // missing fourth parameter

Add that there.

<?php

error_reporting(E_ALL);
ini_set('display_errors', '1');
session_start();

// connects to the database
$mysqli = new mysqli('localhost', 'root', '', 'DATABASE NAME'); // add the database name (fourth parameter)

if(empty($_SESSION['username'])) {
    echo 'not logged in';
    exit;
}

$query = "SELECT firstName, lastName, username, password, loyaltyPoints FROM user WHERE username = '{$_SESSION['username']}'";
$result = $mysqli->query($query) or die($mysqli->error);

if($result->num_rows > 0) {
    while($row = $result->fetch_assoc()) {

    //  echo $row['firstName'];
    //  echo $row['lastName'];
    //  echo $row['username'];
    //  echo $row['password'];
    //  echo $row['loyaltyPoints'];

        foreach($row as $val) {
            echo "$val <br/>";
        }
    }   
} 

else {
    echo 'not found';
}

?>

<html>

<head>  
</head>
<body>
Welcome! Click here to <a href="logout.php" tite="Logout">Logout.</a>
    or here to go to the home page --> <a href ="INDEX.html">HOME</a>
</body>
</html>
Kevin
  • 41,694
  • 12
  • 53
  • 70