CODEWITHSUNDEEP
php
Jeff Davidson
Jeff Davidson

Reputation: 1929

not returning sufficient rows

What I'm trying to figure out here is how to access the different array values that I need. I have the following query and it returns this for an array when the print_r() is applied. For some reason it only does the first row from the db table. It should return a whole another row.

<?php

session_start();

// Include the database page
require ('../inc/dbconfig.php');
require ('../inc/global_functions.php');

//Login submitted
if (isset($_POST['submit'])) { 

// Errors defined as not being any
$errors = "no";

if((empty($_POST['answer1'])) || (trim($_POST['answer1'])=="") || ($_POST['answer1'] == NULL) || (!isset($_POST['answer1']))){$errors = "yes";}
if((empty($_POST['answer2'])) || (trim($_POST['answer2'])=="") || ($_POST['answer2'] == NULL) || (!isset($_POST['answer2']))){$errors = "yes";}

// Error checking, make sure all form fields have input
if ($errors == "yes") {

    // Not all fields were entered error
    $message = "You must enter values to all of the form fields!";

    $output = array('errorsExist' => true, 'message' => $message);

} else {

    $userID = mysqli_real_escape_string($dbc,$_POST['userID']);
    $answer1Post = mysqli_real_escape_string($dbc,$_POST['answer1']);
    $answer2Post = mysqli_real_escape_string($dbc,$_POST['answer2']);
    $question1 = mysqli_real_escape_string($dbc,$_POST['question1']);
    $question2 = mysqli_real_escape_string($dbc,$_POST['question2']);

    $query = "SELECT * FROM manager_users_secretAnswers WHERE userID = '".$userID."'";
    $result = mysqli_query($dbc,$query);

    // Count number of returned results from query
    if (mysqli_num_rows($result) > 0) {

        while ($row = mysqli_fetch_array($result)) {   

            $answer = $row['answer']; 

            // Comparing the database password with the posted password
            if ($answer == $answerPost) {



            } else {

                $errors = "yes";
                $message = "Your answers did not match the answers inside the database!";

                $output = array('errorsExist' => true, 'message' => $message);

            }


        }

    } else {

        $errors = "yes";
        $message = "We did not find any answers for your questions! Please consult the site administrator!";

        $output = array('errorsExist' => true, 'message' => $message);

    }

}

}

//Output the result
$output = json_encode($output);
echo $output;

?>

Upvotes: 1

Views: 102

Answers (2)

Brad Christie
Brad Christie

Reputation: 101614

You need to wrap your fetch in a loop. e.g.

if (mysqli_num_rows($result) > 0)
{
  while (($row = mysqli_fetch_array($result)) !== false)
  {
    if ($row['answer'] == $answerPost)
    {
      // $row matches what we're looking for
    }
    else
    {
      $errors = "yes";
      $message = "Your answers did not match the answers inside the database!";
      $output = array('errorsExist' => true, 'message' => $message);
    }
    print_r($row);
  }
}

Upvotes: 2

BenMorel
BenMorel

Reputation: 36554

Because you just fetch the first one, where you should loop on the result set instead:

$query = "SELECT * FROM manager_users_secretAnswers WHERE userID = '$userID'";
$result = mysqli_query($dbc,$query);

if (mysqli_num_rows($result) > 0) {
    while ($row = mysqli_fetch_array($result)) {
        print_r($row);
    }
}

By the way, you should be using prepared statements to avoid SQL injection.

Upvotes: 4

Related Questions