<div class="ui-widget">
<form method="POST">
<?php
if(isset($_POST['search'])){
$connection = mysql_connect('localhost', 'root', '1234');
mysql_select_db('hoppers');
$query = "SELECT user_name FROM users WHERE {$_POST['username']} = user_name";
$result = mysql_query($query) or die ("MySQL-Error: " . mysql_error());
$row = mysql_fetch_array($result);
if($row = TRUE){
$present = $row['user_name'];
echo $present;
}else{
echo "This User does not exist!";
}
}
?>
<label for="tags">Username: </label>
<input type="text" id="tags" name = "username">
<input type="submit" name="search" value="Suchen!">
</form>
</div>
So I'm always getting the this error-message: MySQL-Error: Unknown column 'dompol171' in 'where clause'.
So it is comparing the username that I entered with the column "user_name" itself. I keep freaking out...since I have no clue how to compare it in a different way!
Try using :
$query = "SELECT user_name FROM users WHERE user_name = '{$_POST['username']}'";
Query needs slight adjustment, from:
$query = "SELECT user_name FROM users WHERE {$_POST['username']} = user_name";
to:
$query = "SELECT user_name FROM users WHERE user_name = '{$_POST['username']}'";
Wrap the value in single quotes.
This updated PHP will validate the data passed back:
<?php
if(isset($_POST['search'])){
$connection = mysql_connect('localhost', 'root', '1234');
mysql_select_db('hoppers');
$query = "SELECT user_name FROM users WHERE user_name = '{$_POST['username']}'";
$result = mysql_query($query) or die ("MySQL-Error: " . mysql_error());
// count # of rows returned by DB query
$num_users = mysql_num_rows( $result );
// If more than 0
if ( $num_users > 0 ){
// Success!
$row = mysql_fetch_array($result);
var_dump( $row );
} else {
// No results returned
echo "This User does not exist!";
}
}
You have made a mistake in where clause , it's :
WHERE user_name = {$_POST['username']}";
The syntaxe is : Where "column" = "value"
You have your parameters backwards. Column name always goes before the value:
$query = "SELECT user_name FROM users WHERE user_name = {$_POST['username']}";
This isn't a comparison operator like in PHP where the operands can be on either side of the equation.
What is happening here is the value of $_POST['username'] is being considered a column since you didn't quote it i.e. set it as a string. So say the user name is musa, its trying to compare column musa to column user_name(and that column doesn't exist). It should be
$query = "SELECT user_name FROM users WHERE 'some username' = user_name";
Try Using This:
$username = $_POST['username'];
$query = "SELECT user_name FROM users WHERE user_name='" . $username . "'";