0

I'm trying to check if the content of the variable $host exists in the ID column of my database. Afterwards I want it to assign the corresponding value to $exists, if the entry is in the database or not.

For some reason this part of my script is always returning the same result, regardless if $host is contained in the database or not. Please help :)

$query = mysqli_query($conn, "SELECT 'ID' FROM 'servers' WHERE 'ID' = '$host'");
if (empty($query)) {
        $exists = "false";
}
else {
        $exists = "true";
}
Improve this question
4
  • 1
    A: You're using the wrong identifiers for your table and column. Remove the quotes. Plus, that's not the way to check if a record exists, you're just checking if the query returns true or not. Commented Oct 26, 2014 at 12:42
  • important --- code.tutsplus.com/tutorials/… Commented Oct 26, 2014 at 12:43
  • stackoverflow.com/questions/60174/… Commented Oct 26, 2014 at 12:45
  • Well the sad part is that it returns the same result when I set $host to a value that's contained in the database, and when I set it to a different value. I am definitely going to check on the links that you sent. I'm writing the script for a bash alias, but it would definitely be a good idea to learn how to write securely. Thank you very much. Commented Oct 26, 2014 at 13:27

2 Answers 2

Reset to default
3

This line 

$query = mysqli_query($conn, "SELECT 'ID' FROM 'servers' WHERE 'ID' = '$host'");

needs to be like this:

$query = mysqli_query($conn, "SELECT `ID` FROM `servers` WHERE `ID` = '$host'");

Right now, you are selecting ID as a string, so you need to put table and column names in `` and you put strings (or variables containing strings in ' ' )

and then do 

$count = $conn -> num_rows($query);
if ($count < 1 ) {
$exists = "false";
}
else
{
$exists = "true";
}

to actually check the number of rows containing $host 's value

Also, you should at least use 

$host = mysqli_real_escape_string($conn, $host);

before using a variable in a query to avoid mysql injection, but better use prepared statements. There are some links in the comments to your question which will help you with that.

Sidenote:

Having used or die(mysqli_error($conn)) to mysqli_query() would have signaled the error.

Improve this answer
Sign up to request clarification or add additional context in comments.

8 Comments

Needs to be like this; why? Plus, OP stands at coming back saying "it doesn't work".
I understand. Now, OP's question is "I'm trying to check if the content of the variable $host exists" - Whether OP truly wants to check if it returns TRUE or FALSE, is fine, but it doesn't really check if a row containing the variable being passed actually exists. Wait for OP to respond.
Was just at writing the second part, if it's still wrong I don't see something right, @Fred-ii-
What you suggested is definitely working. There seems to be another issue somewhere around the code, however now it's correctly determining if $host is contained in the database or not. Thank you very much <3
You're welcome @Neekoy , Please mark the answer as correct if it has helped you
|
1 
$query = mysqli_query($conn, "SELECT ID FROM servers WHERE ID = '".$host."'");
if (empty($query)) {
        $exists = "false";
}
else {
        $exists = "true";
}
Improve this answer

4 Comments

I love "drop-in code" with no explanations. Plus, it will fail. WHERE ID = $host
@Fred-ii- What is unclear ? (and sorry for the quotes, i reedited the answer)
When an answer is given with no explanation as to why OP's code is failing, OP would have not learned the reason why it is failing and stands at doing the same mistake again.
@Fred-ii- I agree with you, but for this specific question, nothing much to explain, it is just a syntaxic error.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.