[RESOLVED] Undefined index: uid

dhelsdon

Hi, i am working on a simple forum index and I need some help,

I get this error on my code:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''users' WHERE 'id'='SELECT id FROM 'users' WHERE 'id'='''' at line 1

<?php				

						if($_SESSION['uid']){
							$sql = "SELECT username FROM 'users' WHERE 'id'='".$_SESSION['uid']."'"; 
							$res = mysql_query($sql) or die (mysql_error());

							if(mysql_num_rows($res) == 0){
								session_destroy();

									echo "Please <a href=\"./login.php\">Login</a> to your existing account or <a href=\"register.php\">Register</a> a new account!\n";
							}else{
								$row = mysql_fetch_assoc($res);
								echo "Welcome back, <a href=\"./index.php?act=profile&id=".$row['id']."\">".$row['username']."</a>!\n";
							}
						}else{
							echo "Please <a href=\"./login.php\">Login</a> to your existing account or <a href=\"register.php\">Register</a> a new account!\n";	
						}

					?>

dagon

$sql = "SELECT username FROM 'users' WHERE id='$_SESSION[uid]' ";

and if id is an int you don't need the quotes

dhelsdon

I replaced the line, it produces the same error.

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''users' WHERE id='SELECT id FROM 'users' WHERE 'id'='''' at line 1

dagon

woops drop the quotes on users

dhelsdon

Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or `T_NUM_STRING' in C:\wamp\www\forum2\index2.php on line 45

djjjozsi

In an SQL query the table , database and field names used a ` (prime)

never trust the session variables, use the cast functions on the session variables.
if you wanted to re-use a field ( $row['id'] ), select it in your query.

In html use the & sign as an html entitie: &

<?php

if ( !empty( $_SESSION['uid'] ) )
{
		$sql = sprintf( "SELECT `id`,`username` FROM `users` WHERE `id`=%d", $_SESSION['uid'] );
		$res = mysql_query( $sql ) or die ( mysql_error() );

	if ( mysql_num_rows( $res ) == 0 )
	{
			session_destroy();

			echo "Please <a href=\"./login.php\">Login</a> to your existing account or <a href=\"register.php\">Register</a> a new account!\n";
	} 
	else
	{
			$row = mysql_fetch_assoc( $res );
			echo "Welcome back, <a href=\"./index.php?act=profile&id=" . $row['id'] . "\">" . $row['username'] . "</a>!\n";
	} 
} 
else
{
		echo "Please <a href=\"./login.php\">Login</a> to your existing account or <a href=\"register.php\">Register</a> a new account!\n";
} 

?>

dhelsdon

Awesome, thanks for your help!