-1

I'm trying to echo out the information in the database profile in a session called $_SESSION['about'], but whenever I echo it out nothing shows. I want it to show the information in the about_me table.

I inserted the information into my database and tried setting it to a session and using it on other pages to no avail. 

if(isset($_POST['aboutme-submit'])){

    require 'profiles.dbh.inc.php';

$about = mysqli_real_escape_string($conn2 ,$_POST['aboutme']);

$sql3 = "INSERT INTO profile(about_me ) VALUEs('$about')";
mysqli_query($conn2, $sql3);

$query = "SELECT * FROM profile WHERE about_me;"; 
$result = mysqli_query($conn2, $query); 
$result_check = mysqli_num_rows($result);
if ($result_check > 0){
    while ($row = mysqli_fetch_assoc($result)) {
   }
}
session_start();
$_SESSION['about'] = $row['about_me'];
header("Location: ../profiles.php?nice.")

I expect the output of the information in the about_me row to be shown when I use $_SESSION['about'], but the actual output is nothing at all.

Kuya
  • 6,423
  • 4
  • 15
  • 31
  • `header('Location: ...');` is missing an `exit();` after it. Have you tried to output `$_SESSION['about']` after it is stored? Seems it may be rewritten somewhere else in your code. Also, what is the value of `$row['about_me']` make sure it isn't null or empty. – Jaquarh Jul 19 '19 at 06:31
  • 1
    **Warning:** You might be open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should really use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/en/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Never trust any kind of input, especially that which comes from the client side. Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). – Dharman Jul 19 '19 at 06:31

1 Answers1

1
if ($result_check > 0){
    while ($row = mysqli_fetch_assoc($result)) {
   }
}

The way such a loop over a database result set works, is that it loops as long as $row contains a non-empty data structure - and after the last record was processed, the fetch function will return NULL on the next call, which makes the loop end at that point.

 $_SESSION['about'] = $row['about_me'];

Because you did this after the loop, $row doesn’t contain any data at this point, it is NULL - and accessing a property about_me “of” NULL of course doesn’t return anything.

(Please go enable proper PHP error reporting first of all now - then PHP has a chance to tell you about such errors. See f.e. How do I get PHP errors to display? )

So your problem here is not the session itself, but that the moment you are trying to write your data into it - you don’t actually have your data any more. You need to work with $row inside of the loop, not afterwards, when it has been overwritten with NULL.

(If you only expect one record to be returned, you don’t need to loop though. But if you do expect multiple records and loop over them, then you might want to add them to an array in the session, otherwise only the last value will survive, if you overwrite the session entry every time.)

misorude
  • 3,136
  • 2
  • 6
  • 16