0

I need to display the content created by the user from db even when a user is not logged in.

<? php

$get_user_content = mysqli_query($conn, "SELECT * FROM content WHERE UserName = '$username'") or die($dataaccess_error);

if(mysqli_num_rows($get_user_content) == 1 )
{
  $row = mysqli_fetch_array($get_user_content);

  $title = $row['utitle'];
  $content = $row['ucontent'];
}

echo $title;
echo $content;

?>

But I am getting two errors:

undefined variable: username

and

Warning: mysqli_query() expects parameter 1 to be mysqli

I am new to PHP coding. Please help me on this.

Brandan
  • 14,735
  • 3
  • 56
  • 71
user811589
  • 13
  • 5
  • Where do you initialize $conn? – Jocelyn Jul 07 '12 at 13:37
  • what do you mean "without require login in PHP"? You can't access a Mysql database without connecting to it, and providing proper login/password. – Jocelyn Jul 07 '12 at 13:39
  • you need to read about how to connect to database on php.net and also read about variables. username is undefined, you need to use get or post to have input sent from page or through url . look at php.net – Dreaded semicolon Jul 07 '12 at 14:19
  • $conn is for conneting database:- require_once('mysql.php') i need to display some content which is created by the user for public view. so without login, user should view the content. – user811589 Jul 07 '12 at 15:52
  • There is a really clear error message: `error: undefined variable: username`. Define $username and it will work better. – Jocelyn Jul 07 '12 at 15:59
  • is this code correct to define username? if(!empty($_POST['UserName'])) { $username = $_POST['UserName']; $username = mysqli_real_escape_string($conn, $username); – user811589 Jul 07 '12 at 18:02

2 Answers2

1

You need to define the username variable, you need to connect to database too. If you are going to use mysqli, then it is better to use the object oriented style. Mysqli may not be the ideal solution, see this Cletus answer here: MySQL vs MySQLi when using PHP

You'll need to check php guide at php.net to learn the language, and make sure to check the comments. you can also google tutorials. if all fail, then stackoverflow will be the place to get help.

<?php
$username = trim($_POST['username']); //where username is a form field sent using post method, we trim it to remove white spaces so if user just enters spaces, the script will see it as empty string.

//Connect to database  http://www.php.net/manual/en/mysqli.query.php
$conn = mysqli_connect("localhost", "my_user", "my_password", "yourdatabasename");

/* check connection */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}


if ($username){
    $username=mysqli_real_escape_string($conn, $username); //escape the string AFTER you connect http://www.php.net/manual/en/mysqli.real-escape-string.php
    $get_user_content = mysqli_query($conn, "SELECT * FROM content WHERE UserName =    '$username' LIMIT 1") or die(mysqli_error($conn));  //assuming you have table called content with a field called UserName to store the username, add limit 1 since you only need one anyway.  , where does databaseaccess_error comes from? it's undefined. use mysqli_error

   if(mysqli_num_rows($get_user_content) == 1 )
   {
       $row = mysqli_fetch_array($get_user_content);

       $title = $row['utitle'];
       $content = $row['ucontent'];


       echo $title;
       echo $content;
   }else echo "User couldn't be found";
}
Community
  • 1
  • 1
Dreaded semicolon
  • 2,274
  • 1
  • 28
  • 43
  • I have fixed this by using basename(dirname(FILE)); to define $username. Now its working fine. thanks for your help @Dreaded – user811589 Jul 11 '12 at 03:12
  • Sure no problem. if you want the current file it should be __FILE__ not FILE. also I wasn't aware of your other comment. you ll need to reply to my answer so I can get the notification or use my exact name in @ – Dreaded semicolon Jul 11 '12 at 03:28
  • it seems the syntax was converted by stackoverflow to bold but I meant underscore underscore FILE underscore underscore. please see this: http://php.net/manual/en/language.constants.predefined.php – Dreaded semicolon Jul 13 '12 at 01:30
0

If you are displaying information created by a user it will be difficult to display that information without the user logged in.

The only way I can think of to do this is to store the users IP when they create an account, and read the IP when anyone visits the page. If it matches a user, then display the information. You may be risking some security measures when doing this though, and when IP changes, this can mess up things bad in the future this way.

To be clear though, you are wanting to display what, say I, created on your site when visiting a page, but without me logging in? Or just any user created stuff?

Grant
  • 196
  • 1
  • 4
  • 16
  • Best example is like wordpress blog, users can view the page and they can post comment on it without login. I have one more option is creating subdomain for the user and store the page in that folder and getting the content using `code` $username = basename(dirname(__FILE__));`code` using folder name we can easily define the username and get the data. But i need to create a dynamic page without creating subdomain for the user. @Dreadedsemicolon thanks for ur code, but still i am getting undefined username. Suggest me which is best way: creating subdomain or any other best way to populate? – user811589 Jul 09 '12 at 02:56
  • Do you already have a login/register system to set up a user with a username? – Grant Jul 16 '12 at 02:10