1

Almost finished my login script, just need a helping hand in finding a substitute method for this:

return (mysql_result($query, 0) == 1) ? true : false;

The query:

$query = mysqli_query($link, "SELECT COUNT 'id' FROM 'user_login_details' WHERE 'username' = '$username' AND 'password' = '$password'");

This query is designed to search for the user's id that is attributed to the $password and $username that the user entered.

The ternary operator statement basically says, "return" "true" if the "id" of the record that the user's username and password is "==1". Basically making sure that the record exists and the details are actually present on the database by using the 2nd parameter of mysql_result to check the row number. It's my first record so the number will be 0.

$link

I have found that as of mysqli, the database link connection is require with every query now (a bit weird as it over complicates things) but the primary issue is that mysqli_result doesn't exist and so somehow I need to find an inbuilt function (or build one myself) that can check the row number for the query result (id) and check if it equals one.

I essentially want to be able to write this:

return (mysqli_result($query, 0) == 1) ? true : false;

Any help would be great thanks,

Tom

Drahgon
  • 33
  • 5
  • 1
    Side-note: Your ternary operator can actually be shortened to `return mysql_result($query, 0) == 1;`. – rdiz Jan 19 '15 at 14:29
  • Duplicate? http://stackoverflow.com/questions/2089590/mysqli-equivalent-of-mysql-result – Hartmut Holzgraefe Jan 19 '15 at 14:31
  • @Hartmut, I did already see this and couldn't understand it very well as he is using what seems to be the object oriented method, i'm procedural. – Drahgon Jan 19 '15 at 14:34
  • @Dencker, even shorter: `return (bool) mysqli_result($query, 0);` – Oleg Dubas Jan 19 '15 at 14:35
  • @Dencker, how is this possible as you haven't stated the value of what each outcome will return? – Drahgon Jan 19 '15 at 14:35
  • @OlegDubas You're right! – rdiz Jan 19 '15 at 14:36
  • @Oleg, as im sure you are aware, that wont work due to the mysqli_result functions being non-existent. – Drahgon Jan 19 '15 at 14:36
  • @Drahgon the nature of the comparison operator (in your case, equals - `==`) is that it compares the values on either side and returns true or false depending on whether the condition was fulfilled or not. In plain english `1==2` would be like saying: "One is equal to two", and PHP responds: "That statement is false.". Try doing `var_dump(1==2)` – rdiz Jan 19 '15 at 14:37

3 Answers3

0

What you basically want is: 

function sqlResult($q, $count) { 
    if (!$q)
        return false;
    if ($arr = mysqli_fetch_array($q) && $count < count($arr)) { 
        return $arr[$count];
    } else { 
        return false;
    }
}

Yet, if I'm not mistaken, you still have to escape your username/password, else injections will still be possible. See http://php.net/manual/en/mysqli.real-escape-string.php

Jyy
  • 3
  • 1
  • I have already sanitized the data being entered so that isn't an issue, however i'm actually struggling to see what this does. Forgive my lack of knowledge only been doing this for a week. – Drahgon Jan 19 '15 at 14:40
  • apart from validating input (you can't access the 5th element of an array if the array consists out of 4 elements obviously), it fetches the first row and outputs the nth (count) column of that row. – Jyy Jan 19 '15 at 14:47
0

A good complete substitute for mysql_result:

function mysqli_result($res, $row=0, $col=0)
{ 
    $numrows = mysqli_num_rows($res); 
    if ($numrows && $row <= ($numrows-1) && $row >=0){
        mysqli_data_seek($res,$row);
        $resrow = (is_numeric($col)) ? mysqli_fetch_row($res) : mysqli_fetch_assoc($res);
        if (isset($resrow[$col])) return $resrow[$col];
    }
    return false;
}
Oleg Dubas
  • 2,320
  • 1
  • 10
  • 24
0

What about this? (didn't test)

return (mysqli_fetch_row($query)[0] == 1) ? true : false

Note: PHP 5.4.0 or higher is needed for Function array dereferencing

Andrew
  • 490
  • 7
  • 21