javascript - I am getting weird output




You have an issue here in your code:

$idQuery = "SELECT ID FROM `register` WHERE username='$username'";
mysqli_query($db, $idQuery);
$_SESSION['username'] = $username;
$_SESSION['userid'] = $idQuery;

As i mentioned in my comment, check what are you getting inecho "SELECT * FROM register WHERE ID='$idQuery' "; you definitely getting this kind of result:

SELECT * FROM register` WHERE ID= 'SELECT ID FROM `register` WHERE username='somename''

For sub query, remove quotes around your variable from:

"SELECT * FROM register` WHERE ID='$idQuery' ";

should be:

"SELECT * FROM register` WHERE ID = $idQuery";

Note that, this is success case, as you show your result here, your query is working fine..

You also need to use some protection for$idQuery if$idQuery == '' then your you can't get any result also.

As @patrick-q mentioned, use session to storeusername orID instead of saving a full query.

Second, you code is wide open for SQL injection, for preventing, use PDO.

Some helpful links:

Are PDO prepared statements sufficient to prevent SQL injection?

How can I prevent SQL injection in PHP?

People are also looking for solutions to the problem: php - How does CS-Cart handle the storefront index page on the back-end side?


Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.