Php not fetching the data from mysql

Question

I have created a login form and a connectivity page which deals with sql connection. Every time its printing "Query not retrieved ". I want to run the query with the login details given in the text box . If its true , The first name has to be stored in the session.

This is the structure of the database i use to link it with php

Database z1760359

Table member

        member ID  firstName  lastName  userName  password

index.php

<html>
<head>
<style>
#login
{

    position:absolute;
    top: 30%;
    bottom: 30%;
    left:30%;
    right:30%;
    margin: 0px auto;
 }

</style>
</head>
<body>
<?php
session_start();

echo"<center>";
echo"<div id=\"login\">";

 echo"<form method=\"POST\" action=\"connectivity.php\">";
 echo"<b>Username</b>  <input type =\"text\" name=\"username\">";
 echo"<br/><br/>";
 echo"<b>Password</b>&nbsp;<input type =\"password\" name=\"password\">";
 echo"<br/><br/>";
 echo"<input type=\"submit\" value=\"submit\">";

 echo"</div>";
 echo"</center>";
 ?>

 </body>
 </html>

connectivity.php

<?php
 $username = $_POST['username'];
$password = $_POST['password'];
$host="localhost";
$uname="root";
$pword="";
$db="z1760359";
$conn=mysqli_connect($host,$uname,$pword,$db) or die("Oops something went   wrong");
session_start();
$query="Select firstName  from member where userName=$username, password=$password";
if(!empty($_POST['username']))
  {
     $query_first=mysqli_query($conn,$query) or die(" Query not retrieved");
     $query_second=mysqli_fetch_assoc($query_first);
     if(!empty($row['username']) AND !empty($row['password']) )
        {
           $_SESSION['user_name']=extract($query_second);
        }
        else
   {
        echo"wrong password";
    }

   }
   else
    {
      echo"please enter the password or username";
    }
  echo"$password";
  echo"<br>";
  echo"$username";
  ?>

Answer 1

There's an error in your query. Conditions should be separated by AND, not by comma and you should add single quotes around string values. So your query should be:

Select firstName  from member where userName='$username' AND password='$password'

instead of:

Select firstName  from member where userName=$username, password=$password

Answer 2

In your code "mysqli_query" returns false, hence you should use mysqli_error() for printing more details about the error and move forward accordingly.

Answer 3

Error in your query. You are missing single quotes when comparing the value and you are missing AND operator.

$query="Select firstName  from member where userName='$username' and password='$password'";

Answer 4

use single quote when using a variable in my mysql query

$query="Select `firstName`  from `member` where `userName`='".$username."' and `password`='".$password."'";

Answer 5

If you do not use prepared statements, you have to make single quotes arround the values in mysql:

$query="Select firstName  from member where userName='$username' AND password='$password'";

Also you have to use logical operators between the conditions.