开发者

How do I show a user's credit based on their session

问答 作者:

I'm developing a simple LAMP app where users can credit their account using Paypal. I suspect this is a simple issue, but have spent quite a while experimenting to no avai开发者_JAVA技巧l and would appreciate any thoughts:

System has a user management system working fine using sessions, but I can't get it to display the current user's credit.

But I've been trying things along the lines of:

$result = mysql_query("

SELECT *

FROM users

INNER JOIN account

ON account.UserID=account.UserID

ORDER BY account.accountID");

while($_SESSION['Username'] = $row['Username'] ) { echo $row['Username']; echo $row['Credit']; }

I suspect the while statement is invalid, but I want it to echo username and credit where the current session username = the username stored in the database.

Thanks so much for taking a look - very much appreciated.

Okay there is actually a lot wrong with your code that can not be fixed by you as you have obviously no knowledge of php at all.
But let me explain this so you can get a good understanding of what you did wrong:

First of all, your mysql statement is just wrong. Why do you join a field on itself? You won't get the corresponding users <-> account rows because users is never actually joined.
In addition to that, if you want to fetch a single row (you only want one because you only want to echo the data of one user, fetching more is only heavier in resources), tell mysql to do that. A simple example would be "WHERE a="b" LIMIT 1 (select only row where a is equal to "b", return after finding the first).

Now, to read something from your query, you need to fetch the corresponding data.
You can do that by using mysql_fetch_assoc / mysql_fetch_array / mysql_fetch_object. This would look something like this: $data = mysql_fetch_array($query);. In this case, you don't need to use a while() loop as you only have one row. A while loop is only necessary if you want to work with more then one row.

The rest of your code would be correct, though you don't need to call echo twice. You can simply connect both variables with a ".": echo $row['Username'].$row['Credit'];.
If you want to insert a space in between, connect it with another dot: echo $row['Username']." ".$row['Credit'];.

while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
    if ($row['Username'] == $_SESSION['Username'])
    {
         echo $row['Username']; 
         echo $row['Credit'];
         break; // I believe username is unuque.
    }
}

But it's much better to get just 1 row from the table :

$result = mysql_query("
SELECT * 
FROM users
INNER JOIN account
ON account.UserID=users.UserID
WHERE Username ='".mysql_real_escape_string($_SESSION['Username'])."'" );
if ($result && $row = mysql_fetch_array($result, MYSQL_ASSOC))
{
     echo .....
}

You only have a mysql result, now you have to return that information as an associative array (or object)

    while ($row = mysql_fetch_assoc($result)) {
    if ($_SESSION['username'] == $row['Username']) {
        echo $row['Username'];
        echo $row['Credit'];
    }
}

It appears as if you are using $_SESSION['username'] as a way to check user authentication on the site, much better to use a salted+hashed version of the username and possibly the login time (never include the password).

One thing that jumps out at me is that your query is joining on:

account.UserID=account.UserID

instead of:

account.UserID=user.ID

Also, this is not right:

while($_SESSION['Username'] = $row['Username'] )

The = sign is for assignment, not comparison, so you're actually setting the value of $_SESSION['Username'] to $row['Username']. Then, the expression is evaluated as a boolean (since it's within a while conditional), and if it's true once, it'll be true forever. Infinite loop city.

继续阅读:lampphp

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9