Click here to Skip to main content
15,749,288 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
From a user signup database I want to show some specific tables from database according to user. Like in your social media profile you have only your informration. But my code showing id(auto incremented) is undefined.

What I have tried:

$db = mysqli_connect('localhost', 'root', '', 'regi');
$sql = "SELECT * FROM user where id='$id'";
$records= mysqli_query($db, $sql);
	 $_SESSION["username"][]= $row["username"];
Updated 19-Aug-19 0:39am
Richard MacCutchan 19-Aug-19 6:33am    
Where is id defined, and where is $id defined?
mehdiazizrafi 19-Aug-19 10:05am    
*id* is from table user of database *regi*. How can I define $id?
Richard MacCutchan 19-Aug-19 10:24am    
But the error message says it is undefined, so something is not correct here.
mehdiazizrafi 19-Aug-19 11:22am    
yes i know its undefined. I asked here just to find out how can I define it.

But my code showing id(auto incremented) is undefined.

We need to know the structure of database.
$id is a php variable injected in the sql query, but it is not defined in the code snipset.
$sql = "SELECT * FROM user where id='$id'";

Not necessary a solution to your question, but another problem you have.
Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]
How can I explain SQL injection without technical jargon? - Information Security Stack Exchange[^]
Share this answer
mehdiazizrafi 19-Aug-19 10:07am    
so, how can i solve this "SQL injection"?
Patrice T 19-Aug-19 10:10am    
see links in solution to learn about sql injection
mehdiazizrafi 19-Aug-19 11:22am    
yeah. going through. Thanks mann
You need to look at this in the context of the whole system: most likely you need to look at the definition of your user table in your DB and check if it includes a column called "id". If it doesn't, then you will get an SQL error when you try to select it.
Share this answer
mehdiazizrafi 19-Aug-19 10:09am    
yes. it has four column: id(ai), username, email, password
OriginalGriff 19-Aug-19 10:32am    
Then use the debugger to find out exactly where the error message is, and check you are connected to the right DB.
mehdiazizrafi 19-Aug-19 11:23am    
OriginalGriff 19-Aug-19 11:37am    
How have you got to the point of writing code without knowing what a debugger is, and how to use it?

Off to Google with you! :laugh:

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900