0

for the past few i have been trying to get the ID of the event a user registers to inside the URL in order to show all details in that event.

Ive tried Get data from MySQL database by specific id in url But it doesnt seem to work for what i am trying to do. Or i am doing it wrong, i got more progress with this code

     <?php
if(isset($_SESSION['user_id'])){
    $userid = $_SESSION['user_id'];
    $QUERY3 = mysqli_query($DB, "SELECT * FROM `registration` WHERE `user_id`='$userid'");
    $GETEVENTZ = mysqli_fetch_array($QUERY3);
}
?>
    <?php 
    $eventid = $GETEVENTZ['event_id']; 
    echo '<li> <a href="leaderboard.php?eventid='.$eventid.'"><i class="icon icon-list"></i><span>Leaderboards</span></a> </li>'
?>

Just to try and get the ID in but im getting a normal page with the url being 

leaderboard.php?eventid=

and no ID after, no errors are popping up, page and everything loads, just doesnt add ID. cant seem to find the issue

Clout Cloud
  • 31
  • 1
  • 10
  • What is the output of `var_dump($eventid)` or `print_r($eventid)`? Somehow I get the impression that `$eventid` is not a string that can be echoed. – tshimkus Mar 11 '19 at 02:38
  • `$var_dump($GETEVENTZ);` Ensure query does not fail. Use prepared statements even if you believe your injected data is safe. https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php/60496#60496 – Pinke Helga Mar 11 '19 at 02:45

4 Answers4

0

Since your are using: $GETEVENTZ = mysqli_fetch_array($QUERY3);

Your code is expecting an array return. So you cannot just simply use: $eventid = $GETEVENTZ['event_id'];

A quick fix can be $eventid = $GETEVENTZ[0]['event_id'] if you are expecting a single row return from your query.

But the proper way to handle this is to use mysqli_fetch_row() instead.

You can also dump the result set first to debug what your query is returning.

sitaw
  • 28
  • 4
  • what i am trying to do is show content on a page based off event ID, because each ID has different data, but i cant seem to get the ID in the URL with any of these codes – Clout Cloud Mar 11 '19 at 03:30
  • Yup, I get that you want to display different data based on event_id. But can you dump $GETEVENTZ? What do you get? – sitaw Mar 11 '19 at 03:39
0

The session super global is not the one to use. Use $_GET to get information from the URL. 

<?php
if(isset($GET['user_id'])){
    $userid = $GET['user_id'];

    $mysqli = new mysqli("localhost", "my_user", "my_password", "world");

    /* check connection */

    if (mysqli_connect_errno()) {
        printf("Connect failed: %s\n", mysqli_connect_error());
        exit();
    }

    $query3 = "SELECT * FROM `registration` WHERE `user_id`=?";

    if($stmt = $mysqli->prepare($query3)) {
      $stmt->bind_param("s", $userid);

      $stmt->execut();
      $result = $stmt->get_result();
    }

}
?>



<?php 

// this section does not demonstrate getting the value from $result
// I will update answer later, must research mysqli more. 
     echo '<li> <a href="leaderboard.php?eventid='.$eventid.'"><i class="icon icon-list"></i><span>Leaderboards</span></a> </li>'
?>

Disclaimer: I don't use mysqli, so my answer is a best guess on that portion. Be sure to research how to properly use prepared statements at http://php.net/manual/en/mysqli.prepare.php

Tim Morton
  • 2,614
  • 1
  • 15
  • 23
  • This still seems to give me a blank url and for user_id you put ? what am i supposed to exactly put there, (still new to php) wouldnt that be the $_SESSION['user_id'] – Clout Cloud Mar 11 '19 at 03:31
  • The question mark is a placeholder for a prepared statement. Then you bind a value to it and execute the statement. You should never, ever use untrusted user input directly in a query. As for session variable, this would be something that you had set in a previous page. I don’t see any evidence that you have done this. As for the value of event_id, I misread your code—too sleepy. That requires getting a value from the database and mysqli has such an odd interface that I would have to take a lot of time to figure out its idiosyncrasies – Tim Morton Mar 11 '19 at 04:08
  • What you need to do is break this problem into single issues. Your first issue is just accessing the user_id. Once you demonstrate to yourself that you have captured user_id, then you can tackle getting a result from the database. After that, figure out how to display the info. Your question is about step 3 but you must first solve the 2 steps before. – Tim Morton Mar 11 '19 at 04:14
0

Try this, Hopefully it will work. 

<?php
$DB = new mysqli("localhost", "my_user", "my_password", "my_db");
/* check connection */
if ($DB->connect_errno) {
    printf("Connect failed: %s\n", $DB->connect_error);
    exit();
}
if(isset($_SESSION['user_id'])) {
    $userid = $_SESSION['user_id'];
    $QUERY3 = "SELECT * FROM registration  WHERE user_id='$userid'";
    $result = $DB->query($QUERY3);
    $GETEVENTZ = $result->fetch_array(MYSQLI_ASSOC);
    $eventid = $GETEVENTZ['event_id']; 
    printf ("%s", $eventid);
}
echo '<li> <a href="leaderboard.php?eventid='.$eventid.'"><i class="icon icon-list"></i><span>Leaderboards</span></a> </li>';
?>
Makdia Hussain
  • 744
  • 3
  • 11
0

Answer -

Session id was labeled (userid) instead of (user_id)

then after i stated if user session has user ID then print the event ID and then show page, which then it redirects me to the correct page with ID of event

<?php
    if(isset($_SESSION['user_id'])){
        $GETUSRID = $_SESSION['user_id'];
        $GETRANKD = mysqli_query($DB, "SELECT * FROM `registrations` WHERE `user_id`='$GETUSRID'");
        $GETRD = mysqli_fetch_assoc($GETRANKD);



 $eventid = $GETRD['event_id']; 
    printf ("%s", $eventid);
}
echo '<li> <a href="leaderboard.php?eventid='.$eventid.'"><i class="icon icon-list"></i><span>Leaderboards</span></a> </li>';
Clout Cloud
  • 31
  • 1
  • 10