Click here to Skip to main content
15,038,237 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hello

I wish to compare values from a MySQL table named 'users' to the values in the arrays '
$foreignLang
and
$localLang
in order to produce different buttons based on what language the user had selected. The PHP code to extract what language the user selected works fine as it produces the intended result for that specific language in other cases however, I'm having trouble with the code below, which produces just the output of NULL through
var_dump($rowlang['language'])
when run no matter what language was selected by the user:

PHP
<?php

//search for language
$sqllang = "SELECT language FROM users WHERE username = '$userid'";
$reslang = mysqli_query($link, $sqllang);

if (!$reslang) {
    die('Query to retrieve language failed.' . mysqli_error($link));
}

$rowlang = mysqli_fetch_array($reslang);

//Define language arrays
$foreignLang = array("Spanish","French","Portuguese","Italian","German");
$localLang = array("English","Welsh", "Irish");

//Display output based on selected language
if (in_array($rowlang['language'], $foreignLang)) {
	echo '<button class="button1" type="submit" name="foreignlang">Foreign Languages</button>';
 } elseif (in_array($rowlang['language'], $localLang)) {
	echo '<button class="button1" type="submit" name="locallang">Local Languages</button>';
 } else{
	var_dump($rowlang['language']);
}
?>


PHP Version: 7.4.21

What I have tried:

I have tried both the PHP: in_array - Manual[^] and PHP: array_slice - Manual[^] but to no avail. The in_array function would be preferred if possible.
Posted
Updated 23-Jul-21 7:23am
v3
Comments
Richard MacCutchan 23-Jul-21 4:15am
   
I have tried your code and it works correctly, as far as the logic goes. So what is the value of $rowlang['language'], and what output do you get when you run it?
Matthew Rudman 23-Jul-21 4:21am
   
I get NULL printed to the screen, with no other information. No button appears as intended.
Richard MacCutchan 23-Jul-21 7:40am
   
Then obviously $rowlang['language'] does not contain anything. You need to find out why you are not getting valid data from your database.
Matthew Rudman 23-Jul-21 9:57am
   
All columns in the table are set to NOT NULL, and the language column values are exactly the same as the values in both arrays.
Richard MacCutchan 23-Jul-21 10:40am
   
That is irrelevant. The only thing that matters is what actual data you get when you run the code. And since we do not have access to your database we cannot test it for you.

<?php if ($rowlang['language'] == 'Spanish' OR $rowlang['language'] == 'French') {
	echo 'Click on the "Feeling Types" Button to move to the next section.</p>';
	echo "<br><br><br>"; 
	echo '<button class="button1" type="submit" name="actionSubTypes"  title="Click on me to go to the Feeling Types section.">Feeling Types</button>';
} 


The above code, for example, works, but I am looking to consolidate my code as I am going to be adding more languages in the future and the OR statement would become too lengthy. Any suggestions for using an array instead?
   
Comments
Richard MacCutchan 23-Jul-21 10:42am
   
I already told you that I tested it using in_array, and it works fine.
Matthew Rudman 24-Jul-21 12:32pm
   
I understand, I was just highlighting the fact that it reads and pulls from the same table in the database fine dong it this way, but not using the in_array function. I've double checked that all columns in the table are populated and that there is no empty or NULL value, but will try recreate the DB again and see. Thank you for your help! Much appreciated.
Richard MacCutchan 24-Jul-21 13:01pm
   
Right, but you still need to use the debugger to find out exactly what is happening in the failing situations.
PHP
$sqllang = "SELECT language FROM users WHERE username = '$userid'";

Not a solution to your question, but another problem you have.
Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
How can I explain SQL injection without technical jargon? - Information Security Stack Exchange[^]
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900