2

So from the code you can see that it should be echoing the points and username values that are stored in the includes php file. Well... It's not and I'm frustrated! Is there something I'm doings wrong or just not getting?

config.php

$username = $_SESSION['username'];
$result = mysqli_query($connection, "SELECT points FROM users WHERE username = '$username'");
$row = mysqli_fetch_assoc($result);
$points = $row['points'];

index.php

    <?php include('config.php'); ?>
    <div id="container">
    <?php echo $points . $username; ?>
    </div>
Improve this question
4
  • 2
    As an aside, you appear to have an SQL injection vulnerability. Commented Oct 27, 2012 at 6:43
  • Have you checked to see if there are any results from the query? Commented Oct 27, 2012 at 6:47
  • @icktoofay I assume you mean the $username? Should I really have to escape a session value? Commented Oct 27, 2012 at 6:49
  • @Stax: Yes, unless it was sanitized before (which I doubt). Commented Oct 27, 2012 at 7:01

2 Answers 2

Reset to default
2

Use <?php session_start(); ?> before you access $_SESSION.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks! I forgot to add that to the config.php. Really helps to have a second pair of eyes to look things over.
0

First check your output get properly from mysql query and session_start(); write on top of config.php file.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.