i have been looking everywhere for an answer to this and i still havent found one that works
what i want to be able to do is display the details of the user that is logged in but instead it shows the whole database

here is my code:

<?php
require('authenticate.php');
?>
<!-- Start get page name -->
<?
$currentFile = $_SERVER["PHP_SELF"];
$parts = Explode('/', $currentFile);
?>
<!-- End get page name -->
<!DOCTYPE HTML>
<html>
<head>
<title>My Account</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style type="text/css">
@import url("style.css");
</style>
</head>
<body class="about">
<!-- Start NavBar -->
<?php
require('topnavbar.php');
?>
<!-- End NavBar -->
<div id="page-container"> 
	
	<div id="header"> 
	</div> 
    
<div id="sidebar-a"></div> 
	
	<div id="content"> 
	<div class="padding">
	<div id="user-details">
    <?php 
 // Connects to your Database 
 mysql_connect("interschoolsnetworkc.ipagemysql.com", "isn_1", "460980_jordy") or die(mysql_error()); 
 mysql_select_db("isn_1") or die(mysql_error()); 
 $data = mysql_query('SELECT * FROM authentication WHERE id='.$_SESSION['username'])
 or die(mysql_error()); 
 Print "<table border cellpadding=3>"; 
 while($info = mysql_fetch_array( $data )) 
 { 
 Print "<tr>"; 
 Print "<th>First Name:</th> <td>".$info['fname'] . "</td> "; 
 Print "<th>Last Name:</th> <td>".$info['lname'] . "</td> ";
 Print "<th>Username:</th> <td>".$info['username'] . " </td>";
 Print "<th>Year Group:</th> <td>".$info['yeargroup'] . "</td> "; 
 Print "<th>School:</th> <td>".$info['school'] . " </td></tr>"; 
 
 } 
 Print "</table>"; 
 ?> 
    </div>
      <p>&nbsp;</p>
	  <p>&nbsp;</p>
	</div> 
	</div> 
	
	<div id="footer"> 
	<div id="altnav"> 
		<a href="index.php">Home</a> - 
		<a href="login.php">Login</a> - 
		<a href="register.php">Register</a> - 
		<a href="about.php">About</a> -
        <a href="terms.php">Terms & Conditions</a>
	</div> 
	<div id="copyright">&copy; 2011 InterSchoolsNetwork, All Rights Reserved - A <a href="http://jordansmithsolutions.co.uk">Jordan Smith Solutions</a> &amp; <a href="http://www.joecocorp.webs.com/">JoeCo Corp Production</a><br /> 
</div> 
	</div> 
</div> 
</body>
</html>

unfortunately with this code i get an error this is

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

A few problems with this code. First of all, use

echo

. It is a lot faster than

print

. Second, the error in your SQL syntax is on this line.

$data = mysql_query('SELECT * FROM authentication WHERE id='.$_SESSION['username'])

I've taken the liberty of reqriting the code a bit. Here's the finished version

<?php 
mysql_connect("interschoolsnetworkc.ipagemysql.com", "isn_1", "460980_jordy") or die(mysql_error());
mysql_select_db("isn_1") or die(mysql_error());
$user = @$_SESSION['username'];
$sql = mysql_query("SELECT * FROM `authentication` WHERE id='{$user}'")
or die(mysql_error());
echo "<table border cellpadding=\"3\">\n";
while($info = mysql_fetch_assoc($sql))
{
echo "<tr>\n".
		 "<th>First Name:</th><td>{$info['fname']}</td>\n".
		 "<th>Last Name:</th><td>{$info['lname']}</td>\n".
		 "<th>Username:</th><td>{$info['username']}</td>\n".
		 "<th>Year Group:</th><td>{$info['yeargroup']}</td>\n".
	  	 "<th>School:</th><td>{$info['school']}</td>\n".
	 "</tr>";
}
echo "</table>";
?>
Member Avatar for diafol
$data = mysql_query('SELECT * FROM authentication WHERE id='.$_SESSION['username'])

is prob. wrong - try:

$username = $_SESSION['username'];
$data = mysql_query("SELECT * FROM authentication WHERE id='$username' LIMIT 1");

The LIMIT 1 just stops searching after the first (should only be one) user is found, so should be quicker (methinks).

Ensure that the session var actually exists. I can't see a session_start(); anywhere. This needs to be right at the top of your file.

I have done this but now i get a '-' showing and that is it and i have no idea why

Member Avatar for diafol

What have you done?
Where is the '-'?

If you carry on being so vague, contributors will not help you.

ok well what i did was what the previous posts told me to do heres my code

<?php session_start() ?>
<?php
require('authenticate.php');
?>
<!-- Start get page name -->
<?
$currentFile = $_SERVER["PHP_SELF"];
$parts = Explode('/', $currentFile);
?>
<!-- End get page name -->
<!DOCTYPE HTML>
<html>
<head>
<title>My Account</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style type="text/css">
@import url("style.css");
</style>
</head>
<body class="about">
<!-- Start NavBar -->
<?php
require('topnavbar.php');
?>
<!-- End NavBar -->
<div id="page-container"> 
	
	<div id="header"> 
	</div> 
    
<div id="sidebar-a"></div> 
	
	<div id="content"> 
	<div class="padding">
	<div id="user-details">
    <?php 
 // Connects to your Database 
 mysql_connect("xxxx", "isn_1", "xxxx") or die(mysql_error()); 
 mysql_select_db("isn_1") or die(mysql_error()); 
 $username = $_SESSION['username'];
$data = mysql_query("SELECT * FROM authentication WHERE id='$username' LIMIT 1")
 or die(mysql_error()); 
 Print "<table border cellpadding=3>"; 
 while($info = mysql_fetch_array( $data )) 
 { 
 Print "<tr>"; 
 Print "<th>First Name:</th> <td>".$info['fname'] . "</td> "; 
 Print "<th>Last Name:</th> <td>".$info['lname'] . "</td> ";
 Print "<th>Username:</th> <td>".$info['username'] . " </td>";
 Print "<th>Year Group:</th> <td>".$info['yeargroup'] . "</td> "; 
 Print "<th>School:</th> <td>".$info['school'] . " </td></tr>"; 
 
 } 
 Print "</table>"; 
 ?> 
    </div>
      <p>&nbsp;</p>
	  <p>&nbsp;</p>
	</div> 
	</div> 
	
	<div id="footer"> 
	<div id="altnav"> 
		<a href="index.php">Home</a> - 
		<a href="login.php">Login</a> - 
		<a href="register.php">Register</a> - 
		<a href="about.php">About</a> -
        <a href="terms.php">Terms & Conditions</a>
	</div> 
	<div id="copyright">&copy; 2011 InterSchoolsNetwork, All Rights Reserved - A <a href="http://jordansmithsolutions.co.uk">Jordan Smith Solutions</a> &amp; <a href="http://www.joecocorp.webs.com/">JoeCo Corp Production</a><br /> 
</div> 
	</div> 
</div> 
</body>
</html>

The '-' is where the details should be on the page although it isnt anything that is possible to copy and does not show in the source code.

my database headings are id, fname, lname, username, password, yeargroup, school and loginattempt

if you need any more information then let me know so i can provide it

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.