-2

I am creating a database fetch application and this is for test. All works fine but it fails to retrieve auto increment id from database. It says 'Undefined index id' if not defined id as null so i tried id = null but that shows nothing. My database has: email, password, id(AI, unique). What should i do to fetch id?

Code:

$email = "test@yahoo.com";
$password = "test";

$conn = mysqli_connect('localhost', 'root', '', 'users_database');

$query = "SELECT email, password FROM users_main_info WHERE email = '$email'";
$query_run = mysqli_query($conn, $query);

$em = null;
$pa = null;
$id = null;

while($row = mysqli_fetch_assoc($query_run)){
    $id = $row['id'];
    $em = $row['email'];
    $pa = $row['password'];
}

echo $id;
Bill
  • 71
  • 1
  • 9
  • Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) – RiggsFolly Jul 10 '17 at 14:00

1 Answers1

5

You need to correct your query:

$query = "SELECT id,email, password FROM users_main_info WHERE email = '$email'";

Try this I hope it will help.

Haris
  • 764
  • 4
  • 9
  • 27
  • no need to **try**!! it's what should be done – taha Jul 10 '17 at 13:59
  • Your answer is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) – RiggsFolly Jul 10 '17 at 14:00
  • Ooops! That was a silly mistake! Thanks a lot bro. Will mark as answer after 13 minutes because of stackoverflow warning. – Bill Jul 10 '17 at 14:00
  • 1
    @RiggsFolly This was a simple test to fetch id. Actually i have done everything to protect my database information. – Bill Jul 10 '17 at 14:01
  • Not in the code you show us – RiggsFolly Jul 10 '17 at 14:02
  • @RiggsFolly My main file didn't work so created this test file to try if the result was same – Bill Jul 10 '17 at 14:02
  • @RiggsFolly It's in the main file bro. Chill! – Bill Jul 10 '17 at 14:02
  • Mean while we still have a question with very dubious coding in it, and a similiar answer that others may see and copy – RiggsFolly Jul 10 '17 at 14:04
  • @RiggsFolly Sir I didn't want to confuse a newbie with prepared statements. – Haris Jul 10 '17 at 14:06
  • I am not a newbie @HK007! I have a lots of PHP Experience! I just did a silly mistake which i shouldn't repeat in near future! – Bill Jul 10 '17 at 14:11
  • @RiggsFolly OK, Bro! – Bill Jul 10 '17 at 14:16
  • @RiggsFolly I can't because i have marked HK007 answer as answered. Maybe among 7 billion some might find this useful :) – Bill Jul 10 '17 at 14:20