0
<?php

    $con = mysqli_connect('localhost', 'root', '', 'crud_db');
    if (mysqli_connect_errno()) 
    {
      echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }

    function signin() 
    {
      $session_start;
      if (!empty($_POST['email'])) 
      {
        echo "not empty";
        $query = "SELECT * FROM 'employee' where email= '$_POST ['email']' AND password=   '$_POST ['pwd']'";
        $result = mysqli_query($con, $query);
        $row = mysqli_fetch_array($result);

        if (!empty($row['email']) AND !empty($row['password'])) {
            echo "successfully login";
        } else {
            echo "login fail";
      }
    }

    }

    if (isset($_POST['submit'])) 
    {
      signin();
    }
?>

I am new in php, and i am trying to create a simple login page here is my php code,a simple login php code. when i try to run the code i get an error Notice: Undefined variable: con in C:\xampp\htdocs\CRUD\login.php on line 14 i already defined the variable $con in first line ,then why i am getting this error.

Second - when i try to run the sinin function block i get an error Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, null given in C:\xampp\htdocs\CRUD\login.php on line 15 what does that mean, and how can i solve this.

enrico.bacis
  • 30,497
  • 10
  • 86
  • 115
Ashu Chauhan
  • 79
  • 3
  • 12

3 Answers3

0

You can make it global inside the function or pass it in the parameter to access it 

$con = mysqli_connect('localhost', 'root', '', 'crud_db');
if (mysqli_connect_errno()) 
{
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

function signin($con) 
{
  session_start();
  if (!empty($_POST['email'])) 
  {
    echo "not empty";
    $query = "SELECT * FROM employee where email= '$_POST ['email']' AND password=   '$_POST ['pwd']'";
    $result = mysqli_query($con, $query);
    $row = mysqli_fetch_array($result);

    if (!empty($row['email']) AND !empty($row['password'])) {
        echo "successfully login";
    } else {
        echo "login fail";
  }
}

}

if (isset($_POST['submit'])) 
{
  signin($con);
}
?>
Veerendra
  • 2,562
  • 2
  • 22
  • 39
  • +1 for finding the error, but you should suggest passing $con as parameter instead of global – andrew Aug 27 '14 at 08:44
  • -1: declaring it as a global variable inside the function may solve the problem but its a messy solution. A better approach is to passit as a parameter. Sometimes global variables are the right solution but in such a scenario one should not rely on an assumption that the variable is initialized in global scope - it should be explicitly declared as a global even if it is expected that the scope is global, – symcbean Aug 27 '14 at 08:47
  • Thanks veerendra , it worked. can you please help me with this error mysqli_fetch_array() expects parameter 1 to be mysqli_result, null given in C:\xampp\htdocs\CRUD\login.php on line 15 – Ashu Chauhan Aug 27 '14 at 08:49
  • @AshuChauhan i am editing the answer and please accept the answer if it helped you :) I think that error should be solved now as you are getting the connection now so query will be returning result – Veerendra Aug 27 '14 at 08:50
  • @AshuChauhan my answer will fix your second problem – andrew Aug 27 '14 at 08:54
  • @symcbean i have made changes according to your comment can i get my +1 back :) – Veerendra Aug 27 '14 at 08:56
  • 1
    @symcbean yeah, i don't like globals either but -1 was a bit harsh especially when he fixed the problem – andrew Aug 27 '14 at 08:58
  • @veerendra if i pass $con in the parameterit shows Missing argument 1 for signin(), called in C:\xampp\htdocs\CRUD\login.php on line 28 and defined in C:\xampp\htdocs\CRUD\login.php on line 8. with previous error Undefined variable: con in C:\xampp\htdocs\CRUD\login.php on line 15 and also the second error mysqli_fetch_array() expects parameter 1 to be mysqli_result, null given in C:\xampp\htdocs\CRUD\login.php on line 16 remains same. – Ashu Chauhan Aug 27 '14 at 09:17
  • @AshuChauhan please try using the global variable approach only – Veerendra Aug 27 '14 at 09:30
  • @Veeranda - I see you've also amended the $session_start to sesion_start() but the query is still using single quotes around literals ('employee') – symcbean Aug 27 '14 at 09:34
  • @AshuChauhan I have updated the query please use that query with the global variable approach – Veerendra Aug 27 '14 at 09:41
0

not related to the question but:

 $query = "SELECT * FROM 'employee' where email= '$_POST ['email']' AND password=   '$_POST ['pwd']'";

will not work.

$query = "SELECT * FROM 'employee' where email= '{$_POST ['email']}' AND password=   '{$_POST['pwd']}'";

will work but it is still sql injection vulnerable.

read How can I prevent SQL injection in PHP?

Community
  • 1
  • 1
andrew
  • 9,313
  • 7
  • 30
  • 61
0

Write the database side and the function side in diferent php script like this it may work

<?php 
$con = mysqli_connect('localhost', 'root', '', 'crud_db');
?>

function.php
<?php
include('database.php');
function signin() 
{
global $con;
  session_start();
  if (!empty($_POST['email'])) 
  {
    echo "not empty";
    $query = "SELECT * FROM employee where email= '$_POST ['email']' AND password=   '$_POST ['pwd']'";
    $result = mysqli_query($con, $query);
    $row = mysqli_fetch_array($result);

    if (!empty($row['email']) AND !empty($row['password'])) {
        echo "successfully login";
    } else {
        echo "login fail";
  }
}

}


?>
Skatox
  • 4,237
  • 12
  • 42
  • 47
bantayehu
  • 1