Data is not fetched from MySQL database

Question

I am trying to fetch data from my data base, but it's not giving me any output. It's only displaying "All Charges". My code is below:

<?php
        include 'preCode.php';
        include 'header.php';

        echo '<body><div class="standardLayout">';
        include 'systemMenu.php';
        echo '<h4>All Charges</h4>';

          $user = unserialize($_SESSION['user']);
          echo $query = "SELECT * FROM billingItems WHERE userID=' " . $user-> userID .  " ' ORDER BY deliveryTimestamp DESC"; 
          $result = mysqli_query($db, $query);
         while ($row = mysqli_fetch_array($result)) {

        echo  $row['type'] . '<br>' . 
                'Cost: $' . $row['amount'] . '<br>' . 
                ' Finalized: ' . $row['deliveryTimestamp']  ;

}
        echo '</div></body></html>';

        $_SESSION['user'] = serialize($user);
        include 'footer.html';
?>

Here is the output from echo $query;:

All Charges object(user)#2 (11) { ["orders"]=> NULL ["fName"]=> string(6) "kimmie" ["lName"]=> string(4) "kaur" ["address"]=> string(10) "6768bbnmmn" ["phone"]=> string(11) "66767798898" ["email"]=> string(6) "kimmie" ["userID"]=> string(3) "108" ["password"]=> string(4) "kaur" ["passwordX"]=> NULL ["amountOwed"]=> string(1) "0" ["zip"]=> string(6) "768798" } SELECT * FROM billingItems WHERE userID=' 108 ' ORDER BY deliveryTimestamp DESC

`var_dump($user);` and please add what `echo $query;` is outputting — Machavity, Jul 07 '15 at 18:43
All Charges object(user)#2 (11) { ["orders"]=> NULL ["fName"]=> string(6) "kimmie" ["lName"]=> string(4) "kaur" ["address"]=> string(10) "6768bbnmmn" ["phone"]=> string(11) "66767798898" ["email"]=> string(6) "kimmie" ["userID"]=> string(3) "108" ["password"]=> string(4) "kaur" ["passwordX"]=> NULL ["amountOwed"]=> string(1) "0" ["zip"]=> string(6) "768798" } SELECT * FROM billingItems WHERE userID=' 108 ' ORDER BY deliveryTimestamp DESC — KKK, Jul 07 '15 at 18:53
It seems like my while loop is not working. Because its not printing anything after the echo $query. please help. — KKK, Jul 07 '15 at 19:01
@kim, I have fixed your grammar a bit, and I added your comment at the end - in the future, you should [edit] the question to include additional information, rather than put it in a comment. — Ajean, Jul 09 '15 at 20:11

score 0 · Answer 1 · answered Jul 07 '15 at 20:01

Seems to me that your query building is a problem, because this

$query = "SELECT * FROM billingItems WHERE userID=' " . $user-> userID .  " ' ORDER BY deliveryTimestamp DESC";

will give you this if the ID is "bob".

SELECT * FROM billingItems WHERE userID=' bob ' ORDER BY deliveryTimestamp DESC

You are embedding spaces around the ID, which doesn't match the contents of the column.

The safer way to do this is to use prepared statements and bind parameters so that you don't run into these kinds of bugs. It will also keep you safe from SQL injection. See this question for details: How can I prevent SQL-injection in PHP?

Thank you for your response but my query is still not working. — KKK, Jul 07 '15 at 20:50

Data is not fetched from MySQL database

1 Answers1