
I can't retrieve data from the database. It doesn't show an error, but it can't retrieve data. I tried to check the database, but I'm not sure whether it is related.

```php
// check for a form submission
if (isset($_GET['username']) && !empty($_GET['username']))
{
    $username = $_GET['username'];
    mysql_connect("localhost", "root", "") or die("could not connect to the server");
    mysql_select_db("users") or die("the database could not be found! ");
    $userquery = mysql_query("SELECT * FROM users WHERE username=$username") or die("the query could not be complete please try again later");

    if (mysql_num_rows($userquery) != 1) {
        die("that username could not be found");
    }
    while ($row = mysql_fetch_array($userquery, MYSQL_ASSOC)) {
        $Firstname = $row['Firstname'];
        $Lastname = $row['Lastname'];
        $email = $row['email'];
        $username = $row['username'];
    }
    if ($username != $dbusername) {
        die("there has been a fatal error.Please try again");
    }
}
?>
```
  • [Your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – Jay Blanchard Feb 18 '16 at 14:46
  • Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Feb 18 '16 at 14:47
  • is `$username` a string by any chance? sure smells like it to me. – Funk Forty Niner Feb 18 '16 at 14:48
  • and this didn't help you at all `die("the query could not be complete please try again later")` this would have `die(mysql_error())`. – Funk Forty Niner Feb 18 '16 at 14:50
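
The prepared-statement approach the comments point to, as an added example that is not part of the original post or any commenter's code. It uses PDO with an in-memory SQLite table as a constructed stand-in for the `users` table; the `openDb` and `findUser` helpers, the sample row and the SQLite DSN are assumptions, and for MySQL only the DSN and credentials change.

```php
<?php
// Added example (not the poster's code). Assumes the pdo_sqlite extension;
// the table contents below are constructed sample data.
declare(strict_types=1);

function openDb(): PDO
{
    // Stand-in for MySQL; with MySQL the DSN would be e.g.
    // 'mysql:host=localhost;dbname=users;charset=utf8mb4' plus credentials.
    $pdo = new PDO('sqlite::memory:');
    // Throw on SQL errors instead of hiding them behind a generic die().
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (username TEXT PRIMARY KEY, Firstname TEXT, Lastname TEXT, email TEXT)');
    $pdo->exec("INSERT INTO users VALUES ('alice', 'Alice', 'Example', 'alice@example.com')");
    return $pdo;
}

function findUser(PDO $pdo, string $username): ?array
{
    // The value is bound as a parameter: it is never spliced into the SQL text,
    // so it needs no quoting and cannot change the query's structure.
    $stmt = $pdo->prepare('SELECT Firstname, Lastname, email, username FROM users WHERE username = :username');
    $stmt->execute([':username' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$pdo = openDb();

// Constructed inputs: a normal lookup, an unknown user, and an injection-style string.
foreach (['alice', 'bob', "x' OR '1'='1"] as $input) {
    $user = findUser($pdo, $input);
    echo $input, ' => ', $user ? $user['email'] : 'that username could not be found', PHP_EOL;
}

// The pattern from the question: the string is interpolated unquoted, so the
// database parses it as an identifier and the query fails.
try {
    $pdo->query("SELECT * FROM users WHERE username=alice");
} catch (PDOException $e) {
    echo 'interpolated query failed: ', $e->getMessage(), PHP_EOL;
}
```

With `PDO::ERRMODE_EXCEPTION` set, the failing interpolated query reports the database's own error message, which is the diagnostic the generic `die()` text in the question was hiding.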
