php mysql error when empty result is returned

Question

I am using the code below to check the password. Its working fine while the user name i enter into form is in database. but if the username is not available then foreach throws error.

   <?php 
    $u=$_REQUEST['loginname'];
    $P=$_REQUEST['loginpass'];
    $pas=md5($P);
    $server="localhost:3306";
    $user="root";
    $pass="prabhs226";
    $database="sugar";
    $conn=mysqli_connect($server,$user,$pass);
    mysqli_select_db($conn,$database);
    $sql=("select b_pass from ub_per where b_id='$u' or b_email= '$u';");
    $res = mysqli_query($conn,$sql);

    $row = mysqli_fetch_array($res,MYSQLI_ASSOC);

    foreach($row as $value){
    $value;}

    if($value==$pas){
    echo "password matched";    
    }
    else{echo"not matched";}
    ?>

I am getting this error:

PHP Warning: Invalid argument supplied for foreach() in E:\noname\name\logged.php on line 19 PHP Notice: Undefined variable: value in E:\noname\name\logged.php on line 22.

plus i want to know if there is any way to define DB credentials ony once for compelete website.

Answer 1

I agree with Luthando Loot. Also if you want to define DB credentials ony once for compelete website. You can make a constant file with the credentials and include that to a function file where you make connection to the database. After that include the connection function in your script. this way you dont have to write a script to connect everytime you need the database. Just include it and its good to go.

EXAMPLE

constants.php

/**
 * Database Constants - these constants are required
 * in order for there to be a successful connection
 * to the MySQL database. Make sure the information is
 * correct.
 */
define("DB_SERVER", "localhost");
define("DB_USER", "User_db");//enter your database username
define("DB_PASS", 'Pass_db');//databse password
define("DB_NAME", "Name_db");//database name

database.php

/**
 * Database.php
 *
 * The Database class is meant to simplify the task of accessing
 * information from the website's database.
 */
include("constants.php");

try {
    $db = new PDO("mysql:host=" . DB_SERVER . ";dbname=" . DB_NAME, DB_USER, DB_PASS); //Initiates connection
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // Sets error mode
}
catch (PDOException $e) {
    file_put_contents("log/dberror.log", "Date: " . date('M j Y - G:i:s') . " ---- Error: " . $e->getMessage() . PHP_EOL, FILE_APPEND);
    die($e->getMessage()); // Log and display error in the event that there is an issue connecting
}

Keep in mind that this is a PDO connection not a mysqli. This is just an example of how to work with constants so it could be used for the whole site.

Answer 2

Im using PDO

<?php    $u=$_REQUEST['loginname'];    
 $P=$_REQUEST['loginpass'];    
 $pas=md5($P);    
 $db = new PDO('mysql:host=localhost;dbname=sugar', 'root' , 'prabhs226');  
 $db->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);    
 $stmt=$db->prepare("select b_pass from ub_per where b_id= :id or b_email= :email;");    
 $stmt->bindParam(':id', $id, PDO::PARAM_INT);    
 $stmt->bindParam(':email', $email, PDO::PARAM_STR);    
 $stmt->execute();    
 $row = $stmt->fetch();    
 if($row){    
   $row['b_pass']=$value;    
 }    
 else{     
   echo "invalid user name ";    
 }    
 if($value==$pas){    
   echo "password matched";    
 }    
 else{    
   echo "not matched";    
 }    
?>

Answer 3

Try this.

<?php 
    $u=$_REQUEST['loginname'];
    $P=$_REQUEST['loginpass'];
    $pas=md5($P);
    $server="localhost:3306";
    $user="root";
    $pass="prabhs226";
    $database="sugar";
    $conn=mysqli_connect($server,$user,$pass);
    mysqli_select_db($conn,$database);
    $sql=("select b_pass from ub_per where b_id='$u' or b_email= '$u';");
    $res = mysqli_query($conn,$sql);

    if($row = mysqli_fetch_array($res,MYSQLI_ASSOC)) {
        if($row['b_pass'] == $pas){
            echo "password matched";    
        }
        else{
            echo"not matched";
        }
    }
    else{
        echo"not matched";
    }
?>

Answer 4

The problem is your $value attribute is just laying there, echo it or store it somewhere:

Print it

foreach($row as $value){
    echo $value;  
}  

Or Store it

foreach($row as $value){
    $valueStore = $value;  
} 

Answer 5

$storeVal = '';
    if(!empty($row))
       foreach($row as $value){
        $storeVal = $value;
}
if($storeVal==$pas){
    echo "password matched";    
    }
    else{echo"not matched";}

Store value on scope variable, $value scope within foreach loop