How to get a username from a table?

Question

I want to get a username from a table, but something is wrong.

$hash = $_SESSION["hash"];

$con=mysqli_connect("127.0.0.1","root","","abc");
if (mysqli_connect_errno()) {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

$result = mysqli_query($con, "SELECT username FROM members
WHERE password=" . $hash);

$row = mysqli_fetch_array($result);
$end = $row['username'];

Error
Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in D:\xampp\htdocs\xx_code\members_01\memberpage.php on line 24

score 1 · Accepted Answer · edited May 23 '17 at 12:29

1

Try adding quotes and a semi-colon to your password-hash statement:

mysqli_query($con, "SELECT username FROM members WHERE password='" . $hash . "';");

Also make sure that the table members and the column username exists in the used database.

Also note that your code is vulnerable to SQL-injections (which is a serious issue...). Refer here: How can I prevent SQL injection in PHP?

edited May 23 '17 at 12:29

Community

1
1

answered Jul 10 '14 at 19:58

Max

914
9
27

Thanks a lot, it works. – qadenza Jul 10 '14 at 20:04
@bonaca Glad to hear. (Also, since it does, you can always accept the answer to make it clear to others viewing this question.) (**Edit** Sorry, forgot about limits.) – Max Jul 10 '14 at 20:05
I will, of course, but I must wait 10 minutes. – qadenza Jul 10 '14 at 20:07

How to get a username from a table?

1 Answers1