Why my sql php logic return false output?

Question

Hello I have this code and I have a problem at function evalLoggedUser I think...as it is now the function shows me wrong output(returning false instead true) and when I change the if statement inside the function and do it like this:

if($numrows == 0) {
    return true;
}

It work like as I wish...but I want to work like this and the if statement to be like if($numrows > 0). I am one whole day searching and trying to figure this out but nothing... I have tried to echo the $numrows var and does not echo nothing...also I echoed db errors and is all good. Any help would be appreciated. Thanks in advance.

<?php
session_start();
include_once("../db_includes/db_conx.php");
$user_ok = false;
$log_id = "";
$log_username = "";
$log_password = "";
// User Verify function
function evalLoggedUser($db_conx,$id,$u,$p){
    $sql = "SELECT ip FROM users WHERE id='$id' AND username='$u' AND password='$p' AND activated='1' LIMIT 1";
    $query = mysqli_query($db_conx, $sql);
    $numrows = mysqli_num_rows($query);
    if($numrows > 0){  
        return true;
    }
}
if(isset($_SESSION["userid"]) && isset($_SESSION["username"]) && isset($_SESSION["password"])) {
$log_id = preg_replace('#[^0-9]#', '', $_SESSION['userid']);
$log_username = preg_replace('#[^a-z0-9]#i', '', $_SESSION['username']);
$log_password = preg_replace('#[^a-z0-9]#i', '', $_SESSION['password']);
// Verify the user
$user_ok = evalLoggedUser($db_conx,$log_id,$log_username,$log_password);
} else if(isset($_COOKIE["id"]) && isset($_COOKIE["user"]) && isset($_COOKIE["pass"])){
$_SESSION['userid'] = preg_replace('#[^0-9]#', '', $_COOKIE['id']);
    $_SESSION['username'] = preg_replace('#[^a-z0-9]#i', '', $_COOKIE['user']);
    $_SESSION['password'] = preg_replace('#[^a-z0-9]#i', '', $_COOKIE['pass']);
$log_id = $_SESSION['userid'];
$log_username = $_SESSION['username'];
$log_password = $_SESSION['password'];
// Verify the user
$user_ok = evalLoggedUser($db_conx,$log_id,$log_username,$log_password);
if($user_ok == true){
// Update their lastlogin datetime field
$sql = "UPDATE users SET lastlogin=now() WHERE id='$log_id' LIMIT 1";
        $query = mysqli_query($db_conx, $sql);
}
}
?>

I'm assuming db_conx.php has a `mysqli_connect`, correct? Also, you said `$numrows` does not echo nothing...so what _does_ it echo? — ChicagoRedSox, Sep 24 '13 at 01:58
You're assuming that the query succeeding; check all your return values, and make sure that you handle them appropriately. Try a `var_dump($query)` to see what you're getting back from the database; check and see if there's anything in `mysqli_error($db_conx)` — andrewsi, Sep 24 '13 at 02:03
Yes, db_conx.php has a mysqli_connect...it works perfect I have checked it a lot of times...yeah $numrows when I echo it it gives nothing, but when I put it like this it returns true: $numrows == 0. Now I do a var_dump at $query and $numrows and the two vars return NULL. I have done mysqli_error and this has return nothing. — Vaios P., Sep 24 '13 at 10:11

score 0 · Accepted Answer · answered Sep 24 '13 at 10:47

I found the solution...it seems that has not recognized the var $db_conx when I include the db_conx.php... So instead of include this file, I wrote the connection in the same folder that I showed you above and it works perfectly now:

<?php
session_start();
include_once("../db_includes/db_conx.php");
$user_ok = false;
$log_id = "";
$log_username = "";
$log_password = "";
// User Verify function
function evalLoggedUser($db_conx,$id,$u,$p){
    $sql = "SELECT ip FROM users WHERE id='$id' AND username='$u' AND password='$p' AND activated='1' LIMIT 1";
    $query = mysqli_query($db_conx, $sql);
    $numrows = mysqli_num_rows($query);
    if($numrows > 0){  
        return true;
    }
}

to

<?php
session_start();
$db_conx = mysqli_connect("xxxxxxxx","xxxxxxxx","xxxxxxxx","xxxxxxxx");
// Evaluate the connection
if (mysqli_connect_errno()) {
    echo mysqli_connect_error();
    exit();
}
$user_ok = false;
$log_id = "";
$log_username = "";
$log_password = "";
// User Verify function
function evalLoggedUser($db_conx,$id,$u,$p){
    $sql = "SELECT ip FROM users WHERE id='$id' AND username='$u' AND password='$p' AND activated='1' LIMIT 1";
    $query = mysqli_query($db_conx, $sql);
    $numrows = mysqli_num_rows($query);
    if($numrows > 0){  
        return true;
    }
}

score -1 · Answer 2 · answered Sep 24 '13 at 04:00

-1

too many unknowns to answer for certain, so try this. Replace the code in your function following the SQL statement with:

if (($result = $db_conx->query($sql)) === false) {
   $errmsg .= '<p><b>User Eval:</b> ' . $db_conx->error . '</p><p>' . $sql . '</p>';
   echo $errmsg;
} elseif (!$result->num_rows) {
   //no records, so user cannot log in
} else {
    //return a true value in here
}

Once you run it one time, you should be able to see exactly what is wrong

answered Sep 24 '13 at 04:00

Cheesepipe

71
1
5

I do it but returns nothing...a blank page. Also I echoed the elseif and else I put a string in it to see where it goes but it goes nowhere just a blank page. – Vaios P. Sep 24 '13 at 10:13
Disappointed that this was voted as not providing any help. Effectively it demonstrated that the query was never executing which lead to the final solution that the connection object was not valid. – Cheesepipe Sep 25 '13 at 11:35

Why my sql php logic return false output?

2 Answers2