-1

In a database I have messages and in the row I have count. This would go to (1) or (2) depending on how many messages the user has from admin (this part works).
Here is a bit of my code, I would like the count to return to zero when user clicks on the messages.php. 

<?php
$user = $_SESSION["username"];
$result = $mysqli->query("SELECT * from messages where email='".$user."'");
if($result) {
while($obj = $result->fetch_object()) {        
echo "<li><a href=messages.php>Messages (". $obj->count .")</a></li>";
 }
 } 
 ?>

This is on localhost and have not added any security on SQL injection yet, I'm just trying to get the code to work first.

Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
user9726018
  • 1
  • 1
  • 2
    Tip: don't wait to "fix" your injection errors. Do it right away, that way you cannot forget it, and you train your muscle memory. – Bart Friederichs May 01 '18 at 15:09
  • I swear that I saw this very same question earlier this morning. Betting that same user was deleted and the question went with it. – Funk Forty Niner May 01 '18 at 15:39
  • @FunkFortyNiner How is this a duplicate of those two questions. He hasn't any errors, he's asking how to proceed with his code. – Tschallacka May 01 '18 at 15:57

1 Answers1

0

The query you're looking for to place in messages.php is:

if ($stmt = $mysqli->prepare("UPDATE row SET count=0 WHERE email=?")) {

    /* bind parameters for user email*/
    $stmt->bind_param("s", $user);

    /* execute query */
    $stmt->execute();
}

I assumed you are keeping the unread messages count in a table called row, but i'm not sure because your question was not clear on your database layout.

Tschallacka
  • 27,901
  • 14
  • 88
  • 133
  • im probably doing something wrong? getting this error Fatal error: Call to a member function prepare() on a non-object in /storage/emulated/0/htdocs/messages.php on line 10 any ideas – user9726018 May 01 '18 at 15:29
  • 1
    did you remember to include your database connection script, the one where you setup your database connection and initialize the $mysqli variable you're using in your code example? – Tschallacka May 01 '18 at 15:31
  • ah i put it before my config file now my index.php shows up with no image even though its still in the folder and alslo my jquery aint working to open my navbar same for about.php all other pages work fine, dont know whats happened? – user9726018 May 01 '18 at 15:51
  • You need to analyze all the things you need. Ideally you will have one file: "loader.php" in wich you include everything you need to be set up. Third party libraries, database connections, configurations, constants, etc... Then in your display files you include only loader.php. that way you leave the logic of loading everything to loader.php, and in your production files you can rest assured that everything is initialized. I suggest you rework your php files to reflect such a workflow. – Tschallacka May 01 '18 at 15:59