Difficulty fetching data from logged in user

Question

I've defined a system in which there is a profile settings defined for logged-in users, in this page which is called "profileset.php", I defined a set of query to fetch the required data, however I end up having an error I don't know why. The first segment of code belongs to my login.php as you can see below :

<?php
session_start();
if($_POST) {

    $q = "SELECT * FROM users WHERE email = '$_POST[email]' AND password = SHA1('$_POST[password]')";
    $r = mysqli_query($dbc, $q);

    if(mysqli_num_rows($r) == 1) {
        while($list = mysqli_fetch_assoc($r)) {
            $_SESSION['user_id'] = $list['id'];
        } 
        $_SESSION['username'] = $_POST['email'];
        header('Location: index.php');

    }

}

 ?>

The second segment of code is in profile setting page, where users are allowed to see their basic profile info's first, so here it is :

    <?php

    session_start();

    $query = mysqli_query("SELECT * FROM users WHERE id = '".$_SESSION['user_id'] ."' ")or die(mysql_error());
    $arr   = mysqli_fetch_array($query);


     ?>

and after the query, there's a form in which I call it, for example for the first name, like this :

        <label for="first">First Name</label>
        <input class="form-control" type="text" name="first" id="first" value="<?php echo $arr['first']; ?>" placeholder="First Name" autocomplete="off">

To my logic, everything is in place, but somehow it ends up with a blank page, any help is appreciated.

I suppose you have a typo in session_Start, must be all lowercase. — MrTux, Sep 08 '14 at 05:31
btw this might help debugging: http://stackoverflow.com/questions/1053424/how-do-i-get-php-errors-to-display — MrTux, Sep 08 '14 at 05:33
Hello, yes I've started the session in all the pages, and session_start is not in capital, it's not a syntax error my friends, it may be a logical thing i'm doing wrong — Escape Character, Sep 08 '14 at 05:33
You should consider using prepared statements as you are vulnerable to sql injection — MrTux, Sep 08 '14 at 05:35
try `mysql_fetch_row` instead `mysql_fetch_array`. and please avoid mysql_* functions. — iLaYa ツ, Sep 08 '14 at 05:38
changed it to "mysql_fetch_row", nothing changed, page is blank. — Escape Character, Sep 08 '14 at 05:40
Seems like you're mixing extensions; you can't use a connection object created for MySQLi with the MySQL methods. — Tieson T., Sep 08 '14 at 05:40
Are you getting values by printing an array? `print_r($arr);` — iLaYa ツ, Sep 08 '14 at 05:41
No, nothing appears on the page... I've just added "print_r($arr);" after my query, the whole page is still blank, I don't know why even the forms faded out ..... — Escape Character, Sep 08 '14 at 05:43
Do `echo "SELECT * FROM users WHERE id = '".$_SESSION['user_id'] ."' ";` and run that query in ***phpMyAdmin*** or any mysql component! Check if you're getting records there! — Shaunak Shukla, Sep 08 '14 at 06:06
Tried, ended up with this error --> : #1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'echo "SELECT * FROM users WHERE id = '".$_SESSION['user_id'] ."' " LIMIT 0, 30' at line 2 — Escape Character, Sep 08 '14 at 06:12
:D, `echo "SELECT * FROM users WHERE id = '".$_SESSION['user_id'] ."' ";` in your php file i.e. your profile page.. it'll render your query to browser, and then copy it and run it in *phpMyAdmin*! Need to know, are you getting `$_SESSION['user_id']`? — Shaunak Shukla, Sep 08 '14 at 06:31
Well, no I don't , here is the error ; Notice: Undefined variable: _SESSION in F:\Applications\Xampp\htdocs\series\dynamic\AtomCMS\admin\index.php on line 3 SELECT * FROM users WHERE id = '', Guess it doesn't get the $_SESSION['user_id'].... — Escape Character, Sep 08 '14 at 06:37
may be!! Will you add `echo $_SESSION['user_id']; exit;` to profile page after `session_start();` like this.. ` — Shaunak Shukla, Sep 08 '14 at 06:40
I got "1", which is the ID of the logged in user. so I guess we are getting it bro :P, by the way I did it in my index.... — Escape Character, Sep 08 '14 at 06:44

score 1 · Accepted Answer · answered Sep 08 '14 at 05:52

1

You missed connection variable $dbc

$query = mysqli_query("SELECT * FROM users WHERE id = '".$_SESSION['user_id'] ."' ")or die(mysql_error());

It should be

$query = mysqli_query($dbc, "SELECT * FROM users WHERE id = '".$_SESSION['user_id'] ."' ")or die(mysqli_error());

answered Sep 08 '14 at 05:52

iLaYa ツ

3,767
2
26
45

Well, the form appeared, but still i'm not fetching first, last and all those info's from the database..... – Escape Character Sep 08 '14 at 05:58

Difficulty fetching data from logged in user

1 Answers1