wolfpupxd
wolfpupxd

Reputation: 13

Cannot fetch array inside a function PHP

I can't fetch an array inside a function but I can do it outside of the function. When I fetched it outside the function and echo it out, it prints out 1, but inside the function, using the same fetch array codes and echoing it out, it echos as null. I can tell because the --- symbols echos out, but the number 1 doesn't. I'm confused, because if it worked outside the function, the same code should work inside a function, right? Unless I'm doing something wrong? Please help. Thanks.

<?php

include('connect.php');
include('username.php');
//include('functionGet.php');

$boo = $_GET['boo'];
echo "$boo";

function getData($select,$from,$where,$equals){

$fetch = mysql_fetch_array(mysql_query("SELECT acceptedChallenges FROM      
userLogin WHERE username = '$username'"));
$fetch = $fetch['acceptedChallenges'];

echo "---$fetch---";

}

if($boo = 'yes'){

$acceptedChallenges =    
getData("acceptedChallenges","userLogin","username",$username);

$fetch = mysql_fetch_array(mysql_query("SELECT acceptedChallenges FROM    
userLogin WHERE username = '$username'"));
$fetch = $fetch['acceptedChallenges'];

echo "$acceptedChallenges$username$fetch";

//mysql_query("UPDATE userLogin SET openChallenges = '0' WHERE username =   
'$username'");
//mysql_query("UPDATE userLogin SET acceptedChallenges =   
'$acceptedChallenges' WHERE username = '$username'");

}
else{



}
?>

Upvotes: 1

Views: 630

Answers (3)

David
David

Reputation: 1144

This code souns very bad:

  • Dont eval string with the variable if ouy have the variable echo $boo;
  • Don't use eval string ", use non eval ' and concat variables
  • Put globales off and escape the variables before query to prevent injection mysql_real_escape
  • Do a class to abstract data, not a function
  • Use non deprecated connect db functions like mysqli or pdo
  • Don't use static funcions to connect, use an instance of the library and his methods, is clear and more simple $db=new Mysqli()
  • Don't concat 2 or 3 functions, set the result in a variable and continue in a next line.
  • Iterate the result of fetch with if or while depending you have one or more results, don't get the result directly
  • Don't close php tag if you only have php

I suggest:

  • Set globales off if you have on in your php (show if on with phpinfo()
  • Create a instance of database using PDO library $db=new PDO()...
  • Create a class to get database information for everhy entity for example ChallengeObject with a method to get information function get($user)
  • Instance the ChallengeObject and pass to the constructor the database connection instance.
  • Inside get() function use prepared statements to pass data and prevent injection

    private databse;
    
    function __construct($database) {
        $this->databse=$databse;
    }
    
    function get($user) {
        $sql='SELECT acceptedChallenges FROM userLogin WHERE username = :user';
        $this->database->prepare($sql)
        $this->database->bindParam(":user",$user,'PDO::INT_VALUE);
        $this->database->execute();
        if ($user=$this->databse->fetch()) {
          return $user;
        }
        return false;
    }
    
    
    
    <?php
    $database=new PDO(...);
    
    $challengeObject=new ChallengeObject($database);
    $user=$challengeObject->get($_POST['boo']);
    if ($user!=false) {
       echo "Authenticated successfull";
    }
    

Upvotes: 0

Schlaus
Schlaus

Reputation: 19252

You're using $username in your query, but there's no such variable in your function:

function getData($select,$from,$where,$equals){

$fetch = mysql_fetch_array(mysql_query("SELECT acceptedChallenges FROM      
userLogin WHERE username = '$username'"));
$fetch = $fetch['acceptedChallenges'];

echo "---$fetch---";

}

In regards to the discussion in comments, here's a clip to demonstrate variable scope:

$username = "Testing";

function test1() {
    echo $username;  // Will emit Notice, since $username is undefined
}

function test2() {
    global $username;
    echo $username;  // Will work, but this is bad practice
}

function test3($username) {
    echo $username;  // This is the proper way to do it
}

test1();
test2();
test3($username);

You can play with it here.

Upvotes: 1

Danyal Sandeelo
Danyal Sandeelo

Reputation: 12401

you are passing $where instead of $username so change

 function getData($select,$from,$where,$equals){

to

 function getData($select,$from,$username,$equals){

Upvotes: 1

Related Questions