1

So, I just want to get data from a table with username, that is the same as the logged in username. Something like this, but this is not working.

$result_events = "SELECT * FROM task WHERE $_SESSION['username'] = $username;";

Error:

Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting '-' or identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in /storage/ssd1/202/9375202/public_html/calendario.php on line 9

Laura
  • 8,100
  • 4
  • 40
  • 50
Gpsi Turma
  • 11
  • 3

1 Answers1

1

You need to change this line

$result_events = "SELECT * FROM task WHERE $_SESSION['username'] = $username;";

To

   $tempUserName=$_SESSION['username'];
   $result_events = "SELECT * FROM task WHERE username = '$tempUserName'";

I would like to highlight two things first in your code you are using where clause not in proper way because $_SESSION['username'] must be a column name according to your code

And the second thing is that usually we store usernames in string i.e varchar format in DBMS so when we use it in where clause we need to make sure that it is a string that we are trying to compare.In your code you are missing that single quote around username

AgentP
  • 6,261
  • 2
  • 31
  • 52
  • Depending on how you save the username to the session variable, make sure to prevent SQL Injections. – Kryptur May 20 '19 at 15:40
  • As @Kryptur said make sure prevent SQL injections, read about [What is SQL Injection ?](https://stackoverflow.com/questions/601300/what-is-sql-injection) – AgentP May 20 '19 at 15:45