PHP database query

Question

So i'm trying to use this script to check whether a members "Subscription" is active on my website.

1 Being Yes 0 Being No

Right now i'm just trying to display the result of the query and it does not show up on screen.

If anyone could help it would be greatly appreciated.

<?php
require_once 'config.php';
// If session variable is not set it will redirect to login page
if(!isset($_SESSION['username']) || empty($_SESSION['username'])){
header("location: login.php");
exit;
}

$query = "SELECT Subscription FROM users WHERE username="$_SESSION['username']"";

$link = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);

$result = mysqli_query($link, $query);

?>


<!DOCTYPE html>

<html>
<head>Test</head>

<body>
<h1> Subscription= <?php echo htmlspecialchars($result); ?></h1>

</body>

</html>

Parse error because of `"` in query. Use http://php.net/manual/en/mysqli-stmt.bind-param.php — AbraCadaver, Aug 20 '18 at 20:38
Also `$result` will be a result object, you can't echo that. You'll need to fetch. — user3783243, Aug 20 '18 at 20:39
Way too many things wrong here. The session array is most likely a string but you're treating it as an integer. — Funk Forty Niner, Aug 20 '18 at 20:41
Also don't need the `!isset` and `empty` check. If it isn't set it is `empty`. — user3783243, Aug 20 '18 at 20:47
"Also don't need the !isset and empty check." you need to use `isset` or `empty` functions @user3783243 otherwise you ***can*** get PHP notices.. — Raymond Nijland, Aug 20 '18 at 20:51
@RaymondNijland Yes, but not both. If it isn't set is is already known to be empty. — user3783243, Aug 20 '18 at 20:54
@RaymondNijland You don't need both. You really just need the `empty()` call, I just tried this with every PHP version from 4.4.9 to 7.2.4 on [PHP Sandbox](http://sandbox.onlinephpfunctions.com/code/aa71db42ba4ecb51c766e80f99c61497d06a14f9) and never got any notices or errors. — GrumpyCrouton, Aug 20 '18 at 20:55
"Yes, but not both" @user3783243 and @GrumpyCrouton true i misreaded and misunderstand the comment "Also don't need the !isset and empty check. If it isn't set it is empty" .. i misunderstanded from that comment that he totally didn't need the `isset` and `empty` function — Raymond Nijland, Aug 20 '18 at 21:06

score 0 · Answer 1 · answered Aug 20 '18 at 20:54

A little mercy:

<?php
require_once 'config.php';

// If session variable is not set it will redirect to login page
if(!isset($_SESSION['username']) || empty($_SESSION['username'])){
    header("location: login.php");
    exit;
}

// initialize variable
$yes_no = 0; 

// note string syntax; curly bracing is helpful with bracket and object notation;
// also, single quote as username is likely not a non-string type in the database
$query  = "SELECT Subscription FROM users WHERE username='{$_SESSION['username']}'";

$link   = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);
$result = mysqli_query($link, $query);

if ($result && $result->num_rows) {

    $yes_no = $result->num_rows;
}


?>
<!DOCTYPE html>
<html>
    <head>Test</head>
    <body>
        <h1> Subscription= <?php echo $yes_no; ?></h1>
    </body>
</html>

Fixing the string variable $query should allow this to run, as noted by AbraCadaver. Initializing a variable will help quiet the error log, and testing the results of a DB operation is SOP that you should start using as soon as you can grok it.

Note also that I've just fixed your test. If you really want to display something useful (perhaps a subscription ID?), then you will have to do a fetch-type operation as user3783243 pointed out. — Kevin_Kinsey, Aug 20 '18 at 20:56
Thanks for the help, changed your code up a little and got what I needed to work. Really new to php so yeah....... thanks — user10251809, Aug 20 '18 at 23:40

PHP database query

1 Answers1