Sql derived session variable not querying database on server

Well, you can turn on errors for testing on any php page with these two commands at the top of the page:
error_reporting(E_ALL);
ini_set(“display_errors”, 1);
Do not leave these on in your live site. You don’t want to show users your error messages.

Then, show any MySQLi errors by testing for them. Loosely like this, not tested, just an example…

// Perform a query, check for error
if (!mysqli_query($con,“INSERT INTO Persons (FirstName) VALUES (‘Glenn’)”)) {
echo("Error description: " . mysqli_error($con));
}

In your code, you could run a query, then check to see if the there are any results using myslqi_num_rows and check for errors, too. If rows were found and no errors, then run the actual WHILE loop to get the data…

whats the code you use to connect to the database?

I like your solution. You are correct since $SESSION[id] was also declared. Please, give me a sample code that uses JOIN, session id to query table with country match.thanks

I created a connect.php and included the code in the head of all the pages. Thanks

And what is in the connect.php file?

You can find countless examples of sql JOIN queries already posted on the web and in the documentation for your database server type.

Another point for a good user experience on any page on your web site. All input data should be validated before using it. Since the country input (or the session user id) is ‘required’ for a page to produce correct output, you should validate that it is not empty. If it is empty, set up and display an appropriate user message. Only use the input value it is passes validation. If you end up always getting the user message that a required input is empty, that narrows down the problem to that specific input.

Oladupipo, There is so many issues in the samples you gave us. First, you need to learn about prepared statements. These protect your server from hackers. Also, MySQLi is NOT as secure as PDO. Most professional programmers now use PDO instead. Here is a link to a site which explains both of these.
It might help you get started converting to Prepared-Statements and also PDO. Prepared-Statements
Next, in your example I am showing above, you use a WHILE statement which is not needed if you are
only getting one row of data. Therefore, if you create a query to pull a user’s information, you only need
the one row of data. If you save this data into the SESSION array, the name is $_SESSION[ ] NOT the
$SESSION[ ] that you used. Please note the underline. Also, you create a fetch of an array of data, but,
I think you want to use mysqli_fetch_assoc() instead since you use $row[“country”] which is not an array
index, but an associated index. Lastly, as was mentioned by Astonecipher, you get the $row of data,
and that value does not need to be set again. You can store the data into the SESSION array, but,
you do not need to assign the $country variable twice in a row.

Fix all of these problems and then post if it works or if you have further problems. Good luck!

Okay. Thanks. I appreciate your inputs.

<?php
//This is placed inside index.php
session_start();


 //This is connect.php

 $email='oladipupo@gmail.com';
 mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
 error_reporting(E_ALL);
$con=mysqli_connect("localhost","find","FIND__2019","y_wheremarket");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
 
 

 
 //this is register.php
 
 $query = "SELECT * FROM user WHERE email='{$email}' ";
  	$results = mysqli_query($con, $query);
  	if (mysqli_num_rows($results) == 1) {
 if ($row = mysqli_fetch_assoc($results)) {
		 
		
	$_SESSION['country'] = $row['country'];
	 
	

 $_SESSION['id'] = $row['id'];


	 }
	 
	 }
	 
	
	  if (isset($_SESSION['country'])){$country=$_SESSION['country'];} else {echo("Error description: " . mysqli_error($con));}
	 
	  
	// this is index.php. head.php and connect.php are included in this index.php
	 
	 $result = mysqli_query($con,"SELECT * FROM market WHERE country='{$_SESSION['country']}'") ;
	 
	 if (!mysqli_query($con,"SELECT * FROM market WHERE country='{$_SESSION['country']}'")) {
echo("Error description: " . mysqli_error($con));
}

while ($row = mysqli_fetch_assoc($result)) {echo $row['name']."<br>"; } 

?>

The code can echo $country, It can echo $_SESSION[‘country’], it can echo $_SESSION[‘id’] on the ipage server but not query market table. All is working fine on localhost. I have implemented error reporting. The only thing I have not done is PDO. Thanks. Problem persist. My php version is 5.2.2 on localhost.

That is a really ancient version. Anyway you can update it to at least 5.6?

It appears nothing is in that table that matches what you want. I would go into PHPMyAdmin and check the table to ensure it has what you think it does.

help

That is the result on localhost. No error showed on server as to why it does now query anything. If $id generated from $_SESSION[‘id’] is used it will query on server.

That doesn’t follow what I said to do. My guess is nothing is actually wrong, but your database is not seeded.

I don’t understand the term seeded. The database on the server is populated. If I used $_SESSION[country]= ‘Ghana’, it will bring result on the server.this when the variable is not assigned from database table user result.

Your Php is over 300 releases out of date. The first thing you need to do is update your Php to a current version. Current release is version 7.4

You could have mentioned that. Then you should assign a default value to every user, or send an error message that they don’t have a country assigned. You are directly depending on a country being assigned to a user, so if that value isn’t present of course you will have an issue with the query when one doesn’t exist.

It sounds like the session_start() is failing (on one or both pages), which would be producing a php error. Do you have php’s error_reporting set to E_ALL (it should always be this value) and temporarily for debugging do you have php’s display_errors set to ON or do you have php’s log_errors set to ON and you are checking the web server’s error log? All of the php error settings should be in the php.ini on your system, so that they can be set or changed at a single point.

You could also be redirecting and changing the url (host name, i.e. WWW in a url vs no WWW in a url) such that a session started on one page doesn’t exist on the second page.

What does adding var_dump($_SESSION); immediately after the session_start() show?

This also points out a lack of validation and User eXperience (UX) logic in your code. If you were validating inputs and testing if queries (didn’t) match any rows, and were outputting useful messages in these cases, your code would help you pin down that cause of the problem. You do have logic testing if a query matches any row(s), but it doesn’t do anything for the false/else case.

You need to validate inputs to your code. If a ‘required’ input is not present, set up a message telling the user what required input is missing. If an input is optional, set up a default value for it when it doesn’t exist. If a database query is expected/required to match data for the page to work, but it doesn’t, set up a message telling the user that a required piece of data wasn’t found. If data from a database query is optional, set up a default value for it when it doesn’t exist.

BTW - because you set the mysqli error mode to use exceptions, none of the discrete error handling logic in your code will ever be executed and should be removed. On a mysqli error, execution will transfer to the nearest exception handling, which will be php if you don’t have any in your code.

Is nobody going to point out that $country =$SESSION[`country`]; is written wrong? That could be exactly why your program is failing. It’s supposed to be $country = $_SESSION['country'];

1 Like

Thanks for your assistance. The idea of $country =$SESSION[country]; written wrong is not as it is. The code were written correctly here like $country = $_SESSION[‘country’]. I used a new phone for which i am still learning its new keyboard pattern to send the message. Could it be the the properties of the country column on users must have strong similarities with the column country on market. Although, the two are varchar.

Sponsor our Newsletter | Privacy Policy | Terms of Service