Selecting from id with sessions php?

Question

Right I have a session which is storing the number 5.

$_SESSION["UserRow"];

I also have a number sqeuence stored in a varible.

$noteSequence = 1234;

I'm running a query which finds the table row by the session valule and then sees if the $noteSequence matches with a row called note.

I'm currently running this query but it seems to be empty/not working...

$query = mysql_query("SELECT * FROM users WHERE id ='" . $_SESSION['UserRow'] . "' note='$noteSequence'", $connection);


 $row = mysql_fetch_array($query);
 $rows = mysql_num_rows($query);

 if ($rows == 1) {

  echo "Matched";
  }

   else{
    ('not matched');
     }

Help is appreciated

First, sanity check: "Is this information already stored in the database?", second: using the deprecated [mysql php extension](http://php.net/manual/pt_BR/migration55.deprecated.php) is bad. — joaumg, Jan 15 '16 at 00:41
Yuup the data is already in the database i'm wanting to check if the data matches. Thanks for your feedback i will look into it i'm new — Ryan Holmes, Jan 15 '16 at 00:44
Check this line. You're forgetting an AND `SELECT * FROM users WHERE id ='" . $_SESSION['UserRow'] . "' AND note='$noteSequence'", $connection` — Cyval, Jan 15 '16 at 00:44
Exactly what i'm looking for thanks for taking the time to answer very much appreciated. — Ryan Holmes, Jan 15 '16 at 00:48
[Your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) — Jay Blanchard, Jan 19 '16 at 16:16
Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). — Jay Blanchard, Jan 19 '16 at 16:16
You need to get in the habit of [accepting answers](http://meta.stackexchange.com/questions/5234/how-does-accepting-an-answer-work) that help you to solve your issues. — Jay Blanchard, Jan 19 '16 at 16:18

score 0 · Answer 1 · answered Jan 15 '16 at 02:12

0

You are forgetting an AND in this line.

SELECT * FROM users WHERE id ='" . $_SESSION['UserRow'] . "' AND note='$noteSequence'", $connection

answered Jan 15 '16 at 02:12

Cyval

2,429
4
16
27

score 0 · Answer 2 · answered Jan 15 '16 at 02:30

Firts you forget the AND from your query.

and a little bit modification an it should look like this

$query = mysql_query("SELECT * FROM users WHERE id ='" . $_SESSION['UserRow'] . "' AND note='".$noteSequence."'", $connection);


 $row = mysql_fetch_array($query);
 $rows = mysql_num_rows($query);

 if ($rows == 1) {

  echo "Matched";
  }

   else{
    ('not matched');
     }

Selecting from id with sessions php?

2 Answers2