Get data from multiple table at $_SESSION PHP

Question

currently I want to get two different data from two tables when users login to the system. The entitle table is "user","user_staff" and "user_group". But when the user enter its username and password and submit it prompt "Fatal error: Call to a member function fetch_array() on a non-object in C:\xampp\htdocs\auditsystem\index.php on line 26"

Below are the code:

if($username!= "" && $password != "")
{
//INNER JOIN user_group_module_role ON user.user_group_module_role_id = user_group_module_role.id
    $result =  $db->query("SELECT * FROM user 
                            INNER JOIN user_staff ON user.user_staff_id = user_staff.id
                            WHERE username = '$username' AND password = '$password'"); 



    if($result->num_rows == 1)
    {
        $validate = $result->fetch_assoc();

        $query1 = "SELECT * FROM usergroup WHERE id = $validate[user_group_id]";
        $result1 = $db->query($query1);
        $row1 = $result1->fetch_array();
        //change here for the authority 
        $_SESSION['user_staff'] = $validate['displayname'];
        $_SESSION['usergroup'] = $row1['user_group_type'];
        echo "<script language='javascript'>window.location='panel.php'</script>"; 
    }
    else
    {
        echo "<script>alert('Sorry, wrong username and password please check.')</script>";
    }
}

1) you have to wrap arrays in `{}` inside of double quotes. 2) you want to wrap the index in single quotes: `$query1 = "SELECT * FROM usergroup WHERE id = {$validate['user_group_id']}"; — Twisty, Nov 04 '15 at 01:43
Your second query fails, and since you have no check, `$result1` is null/false, and has no member functions. — Twisty, Nov 04 '15 at 01:45
Possible duplicate of [mysqli - fetch\_Array error call to a member function fetch\_array() on a non-object mysqli](http://stackoverflow.com/questions/14639965/mysqli-fetch-array-error-call-to-a-member-function-fetch-array-on-a-non-obje) — Nick DeFazio, Nov 04 '15 at 01:47
Possible duplicate of [Reference - What does this error mean in PHP?](http://stackoverflow.com/questions/12769982/reference-what-does-this-error-mean-in-php) — Sherif, Nov 04 '15 at 01:50

score 5 · Accepted Answer · answered Nov 04 '15 at 01:50

5

Your query is malformed and is failing. This makes $result1 null/false. Your queries are also vulnerable to SQL Injection!

if($username!= "" && $password != ""){
//INNER JOIN user_group_module_role ON user.user_group_module_role_id = user_group_module_role.id
    $result =  $db->query("SELECT * FROM user INNER JOIN user_staff ON user.user_staff_id = user_staff.id WHERE username = '$username' AND password = '$password'"); 
    if($result->num_rows == 1){
        $validate = $result->fetch_assoc();
        $query1 = "SELECT * FROM usergroup WHERE id = {$validate['user_group_id']}";
        if($result1 = $db->query($query1)){
            $row1 = $result1->fetch_array();
            //change here for the authority 
            $_SESSION['user_staff'] = $validate['displayname'];
            $_SESSION['usergroup'] = $row1['user_group_type'];
            echo "<script language='javascript'>window.location='panel.php'</script>"; 
        } else {
            echo "<script language='javascript'>alert('SQL Error.');</script>";
        }
    } else {
        echo "<script>alert('Sorry, wrong username and password please check.')</script>";
    }
}

answered Nov 04 '15 at 01:50

Twisty

30,304
2
26
45

Hi bro, is there possible to add another query to insert into log_record? $query = "INSERT INTO user_log_record(username, ipaddres) VALUES ('$username', '$ip')"; $result = $db->query($query); – Andrew Nov 05 '15 at 02:01
You will not get a result set from an `INPUT` query. But yes, you can execute another Query the same way: `$db->query($query);` – Twisty Nov 05 '15 at 02:33
hi bro, how if I want to add another query for select? the code are correct? if($result->num_rows == 1){ $validate = $result->fetch_assoc(); $query1 = "SELECT * FROM user_group WHERE id = {$validate['user_group_id']}"; $query2 = "SELECT * FROM user_role WHERE id = {$validate['user_group_module_role_id]}"; if($result1 = $db->query($query1)){ $row1 = $result1->fetch_array(); //change here for the authority $_SESSION['user_staff'] = $validate['displayname']; $_SESSION['user_group'] = $row1['user_group_type']; how to add at "if" method/ – Andrew Nov 06 '15 at 03:45
I think this should go into it's own question or you need to dig around more. – Twisty Nov 06 '15 at 06:33
Also in that, you're missing a single quote. Should be: `$validate['user_group_module_role_id']` – Twisty Nov 06 '15 at 06:38

Get data from multiple table at $_SESSION PHP

1 Answers1