-3

I'm trying to create a chat, but I have no idea to show all messages. Any help will be appreciated.

here's my PHP Code:

    <?php        $user = $_SESSION['user_email'];
                if(isset($_GET['chatid']) !== $user){
                $chatuser = $_GET['chatid'];
             
                  $sql3 = "SELECT * FROM  message_from  WHERE message_from ='$chatuser' ";
                
                   
                $run_user3 = mysqli_query($conn,$sql3);

                while($row = mysqli_fetch_assoc($run_user3)){
                  $user_from_name = $row['user_from_name'];
                  $user_to_name = $row['user_to_name'];
                  $message_from = $row['message_from'];
                  $message_to = $row['message_to'];
                  $user_from_email = $row['user_from_email'];
                  $user_to_email = $row['user_to_email'];
                  
                     echo "$user_from_name,
                          You: $message_to,
                          $user_from_name,
                         $message_from"
                  

              }
}

----Here's SQL ----- 1 id Primary Key int(11) NOT NULL AUTO_INCREMENT,

2 user_from_id int(11) NOT NULL,

3 user_to_id int(11) NOT NULL,

4 user_from_name varchar(255) utf8mb4_general_ci NOT NULL,

5 user_to_name varchar(255) utf8mb4_general_ci NOT NULL,

6 message_from varchar(255) utf8mb4_general_ci NOT NULL,

7 message_to varchar(255) utf8mb4_general_ci NOT NULL,

8 user_from_email varchar(255) utf8mb4_general_ci NOT NULL,

9 user_to_email varchar(255) utf8mb4_general_ci NOT NULL

Anonymous 98
  • 11
  • 4
  • (Possible) side note: Do not use string interpolation or concatenation to get values into SQL queries. That's error prone and might make your program vulnerable to SQL injection attacks. Use parameterized queries. See ["How to include a PHP variable inside a MySQL statement"](https://stackoverflow.com/questions/7537377/how-to-include-a-php-variable-inside-a-mysql-statement) and ["How can I prevent SQL injection in PHP?"](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). – sticky bit Mar 27 '21 at 16:17
  • 1
    **Warning!!!** Your code is open for [SQL injection](https://en.wikipedia.org/wiki/SQL_injection), please use [prepared statements](https://www.php.net/manual/en/pdo.prepared-statements.php) preferably with [PDO](https://www.php.net/manual/en/book.pdo.php) or [mysqli](https://www.php.net/manual/en/mysqli.prepare.php). – biesior Mar 27 '21 at 16:21
  • Where is `$conn` set? Where is `$user` set? – brombeer Mar 27 '21 at 16:23
  • fyi, [isset()](https://www.php.net/manual/en/function.isset.php) returns `true` or `false` – brombeer Mar 27 '21 at 16:24

1 Answers1

0

Here is the Example to fetch the columns from the database. you can try.

<?php
$servername = "localhost";
$username = "YOUR_DB_USERNAME";
$password = "YOUR_DB_PASSWORD";
$dbname = "YUOR_DB_NAME";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
  die("Connection failed: " . $conn->connect_error);
}

$sql = "SELECT * FROM YOUR_TABLE_NAME WHERE message_from='Doe'";
$result = $conn->query($sql);

if ($result->num_rows > 0) {
  // output data of each row
  while($row = $result->fetch_assoc()) {
    $user_from_name = $row['user_from_name'];
      $user_to_name = $row['user_to_name'];
      $message_from = $row['message_from'];
      $message_to = $row['message_to'];
      $user_from_email = $row['user_from_email'];
      $user_to_email = $row['user_to_email'];

      echo $user_from_name + ", " + $user_to_name ", " + $message_from +", "+ $message_to + ", "+ $user_from_email + ", " + $user_to_email;
  }
} else {
  echo "0 results";
}
$conn->close();
?>
Ruhul Amin
  • 821
  • 11
  • 14
  • Please add your DB credentials properly and update your query properly $sql = "SELECT * FROM YOUR_TABLE_NAME WHERE message_from='Doe'"; – Ruhul Amin Mar 27 '21 at 17:55
  • What do you mean by DB credentials exactly? Sorry, but english is not my main languege... Well, it shows with two zeros, that it found two entries, but it's not displaying the entries. I splitted up the tables, I now have a table ,,message_from" and table ,,,message_to" – Anonymous 98 Mar 27 '21 at 19:48
  • I found the problem. It was because of the styling – Anonymous 98 Mar 27 '21 at 20:47