Click here to Skip to main content
14,331,020 members
Rate this:
Please Sign up or sign in to vote.
See more:
I was trying to avoid posting this here as I wanted to work it out for myself. Anyway, after a few days, I am starting to lose motivation and really want to pass this hurdle so I can move on to the next.

I am making an app for tarantula keepers that helps keep track of feeds, molts, re-homes etc.

I'm trying to echo out all of the spiders in the database next to the username of the logged in user. I will work out how I can make it visually appealing once I have a working function. I tried it with the column spiderName first but can't get it working and for the life of me, I can't work out how.

Here's my function. Let me know if you need anything else:

function showSpiders(){
    global $connection;
    
    
    $username = $_SESSION['username'];
    $query = "SELECT * FROM userspiders WHERE username = '{$username}'";
    $result = mysqli_query($connection, $query);
    
    
    
        while($row = mysqli_fetch_row($result)){
        $spiderName = $row['SpiderName'];
            echo "$spiderName";
        
    }
}


What I have tried:

I have tried using "WHERE username LIKE" too, but no joy. I have also tried hard-coding the username variable.
Posted
Updated 3-Sep-19 0:44am
v2
Comments
Richard MacCutchan 3-Sep-19 5:04am
   
What exactly is the problem? Are you sure that your SELECT clause is returning a valid result set?
Rate this:
Please Sign up or sign in to vote.

Solution 1

As an important first note, your query is vulnerable to SQL Injection[^]. Use prepared statements to prevent that:
PHP: Prepared Statements - Manual[^]
PHP: mysqli::prepare - Manual[^]

On to the error you have. "Undefined index" means that you're trying to access an element on an array that does not exist. There are two candidates here $_SESSION['username'] and $row['SpiderName']. The cause is either that the arrays do not contain what you expect, or that you're just using the wrong index. I can't figure that out for you, so you'll have to check yourself what your arrays contain. For this, you can use the print_r function:
function showSpiders(){
    global $connection;
    
    print_r($_SESSION); // prints contents of $_SESSION

    $username = $_SESSION['username'];
    $query = "SELECT * FROM userspiders WHERE username = '{$username}'";
    $result = mysqli_query($connection, $query);
    
    
    
    while($row = mysqli_fetch_row($result)){
        print_r($row); // print contents of $row

        $spiderName = $row['SpiderName'];
        echo "$spiderName";
    }
}
If these prints tell you that you've just been using the wrong index (for example, wrong capitalization usage), then it's an easy fix, just change your indices.

If the arrays turn out to not contain any of the information you need, then the mistake lies in other parts of your code. If the problem is with $_SESSION, ensure that your session variable gets correctly set and that you didn't forget your session_start[^]. if the problem is with $row, check the contents of your database and your column names.
   
Rate this:
Please Sign up or sign in to vote.

Solution 2

Quote:
Undefined index, error in my SQL?

We can't do much more than guessing with what you gave us.
If problem is in PHP, typically, username does not exist in $_SESSION
$username = $_SESSION['username'];

Use the debugger to get position of error and to look at the contain of variables.

If problem is in SQL, you need to check if username is a field of database. Are you sure about the {} around the username ?
$query = "SELECT * FROM userspiders WHERE username = '{$username}'";

-----
Not necessary a solution to your question, but another problem you have.
Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]
How can I explain SQL injection without technical jargon? - Information Security Stack Exchange[^]
-----
Your code do not behave the way you expect, or you don't understand why !

There is an almost universal solution: Run your code on debugger step by step, inspect variables.
The debugger is here to show you what your code is doing and your task is to compare with what it should do.
There is no magic in the debugger, it don't know what your code is supposed to do, it don't find bugs, it just help you to by showing you what is going on. When the code don't do what is expected, you are close to a bug.
To see what your code is doing: Just set a breakpoint and see your code performing, the debugger allow you to execute lines 1 by 1 and to inspect variables as it execute.

phpdbg | php debugger[^]
Debugging techniques for PHP programmers[^]

The debugger is here to only show you what your code is doing and your task is to compare with what it should do.
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100