Jimmy

Reputation: 12517

Query MySQL to show users post in PHP - Not sure how to formulate query

This is my existing code from a tutorial:

<fieldset>
    <legend><?php echo WORDING_EDIT_USER_DATA; ?></legend>
    <p><?php echo WORDING_YOU_ARE_LOGGED_IN_AS . '<b>' . $_SESSION['user_name']; ?></b></p><hr/>

    <p>$_SESSION['user_id'] = <?php echo $_SESSION['user_id']; ?></p>
    <p>$_SESSION['user_name'] = <?php echo $_SESSION['user_name']; ?></p>
    <p>$_SESSION['user_email'] = <?php echo $_SESSION['user_email']; ?></p>
    <p>$_SESSION['user_access_level'] = <?php echo $_SESSION['user_access_level']; ?></p>
    <p>$_SESSION['user_logged_in'] = <?php echo $_SESSION['user_logged_in']; ?></p><hr/>

    <p><?php echo WORDING_PROFILE_PICTURE . '<br/><img src="' . $login->getGravatarImageUrl() ; ?>" /></p>
</fieldset><br/>
<a href="?logout"><?php echo WORDING_LOGOUT; ?></a>&nbsp;&nbsp;|&nbsp;&nbsp;<a href="?edit"><?php echo WORDING_EDIT_USER_DATA; ?></a>
<?php echo (ALLOW_ADMIN_TO_REGISTER_NEW_USER && $_SESSION['user_access_level'] == 255 ? '<br/><a href="?register">'. WORDING_REGISTER_NEW_ACCOUNT .'</a>' : ''); ?>

This is the query I want to do on this schema:

SELECT item_title, item_location, item_datetime
FROM item
WHERE user_id = 1;

I'm fairly new to this but this is what I was trying, in order to show the post items which belong to that user who is logged in:

<?php

$result = mysql_query('SELECT item_title, item_location, item_datetime
FROM item WHERE user_id = $_SESSION['user_id'] ;');
if (!$result) {
    die('Invalid query: ' . mysql_error());
}

?>

I haven't been able to make much progress in making this query work or this code run. Can anyone tell me where I am going wrong please?

Upvotes: 0

Views: 77

Answers (3)

Peter Black Moore

Reputation: 92

Try this:

<?php

$result = mysql_query("SELECT item_title, item_location, item_datetime
FROM item WHERE user_id =  " .$_SESSION['user_id']. " ;");
if (!$result) {
    die('Invalid query: ' . mysql_error());
}

?>

Anyway, you should escape the variable $_SESSION['user_id'], to prevent SQL injection.

Here is some of the official documentation:

http://php.net/manual/es/security.database.sql-injection.php

Upvotes: 1
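
The following is an added example, not part of the question or of any answer on this page: the same lookup written with a PDO prepared statement, so the session value is bound as a parameter instead of being concatenated into the SQL text (the `mysql_*` functions used above were removed in PHP 7.0). Assumptions: an in-memory SQLite database and constructed sample rows stand in for the MySQL server so the script runs offline, and `fetchUserItems` is a hypothetical helper name.

```php
<?php
// Added example: list the logged-in user's items with a prepared statement.
// Assumption: PDO with an in-memory SQLite database stands in for the MySQL
// server so the script runs offline; for MySQL, change only the DSN, e.g.
// new PDO('mysql:host=...;dbname=...;charset=utf8mb4', $user, $pass).

function fetchUserItems(PDO $pdo, $userId): array
{
    // Reject anything that is not a positive integer before touching the DB.
    $id = filter_var($userId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('user_id must be a positive integer');
    }
    // The value travels as a bound parameter, never as part of the SQL text.
    $stmt = $pdo->prepare(
        'SELECT item_title, item_location, item_datetime
           FROM item WHERE user_id = :user_id'
    );
    $stmt->bindValue(':user_id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data (column names taken from the question's query).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE item (user_id INTEGER, item_title TEXT,
            item_location TEXT, item_datetime TEXT)');
$pdo->exec("INSERT INTO item VALUES
    (1, 'Bike for sale', 'Leeds', '2014-03-01 10:00:00'),
    (1, '<b>Desk</b>', 'York', '2014-03-02 11:30:00'),
    (2, 'Guitar', 'Hull', '2014-03-03 09:15:00')");

// Stand-in for the session the login script would populate.
$_SESSION = ['user_id' => 1];

foreach (fetchUserItems($pdo, $_SESSION['user_id']) as $row) {
    // Encode on output so stored markup is shown as text, not rendered.
    echo htmlspecialchars($row['item_title'], ENT_QUOTES, 'UTF-8'), ' | ',
         htmlspecialchars($row['item_location'], ENT_QUOTES, 'UTF-8'), ' | ',
         htmlspecialchars($row['item_datetime'], ENT_QUOTES, 'UTF-8'), PHP_EOL;
}

// A tampered value is rejected instead of being spliced into the query.
try {
    fetchUserItems($pdo, '1 OR 1=1');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```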

erfjax

Reputation: 54

Replace the main boundaries with double quotes

mysql_query('SELECT item_title, item_location, item_datetime
FROM item WHERE user_id = $_SESSION['user_id'] ;');

to

// Braces are needed to interpolate an array element with a quoted key.
mysql_query("SELECT item_title, item_location, item_datetime
FROM item WHERE user_id = {$_SESSION['user_id']} ;");

Upvotes: 2

Berserk

Reputation: 882

Replace your query with this one and try:

$result = mysql_query('SELECT item_title, item_location, item_datetime
FROM item WHERE user_id ='.$_SESSION['user_id']);

Upvotes: 2
