So I'm currently coding a system where when they log in, they get a specialized panel for their ranking.
By default they are called User, and the Admins get, well, Admin.
When I am trying to get the verification that they are an Admin.
error_reporting(E_ALL); // i've been trying to find the bugs with this
require_once('db.php'); //using the good ol $conn = new mysqli
session_start();
if(!isset($_SESSION['username']) || empty($_SESSION['username'])){
header("location: login.php");
exit;
//to detect if they are logged in or not
}
//here is a failed attempt where I tried to "escape" the $_SESSION variable
// which still doesn't work
$username = $conn->real_escape_string($_SESSION['username']);
// I've tried this query with the $_SESSION variable escaped, with it's alias
// etc.
$query1 = "SELECT * FROM `users` WHERE `rank` = Admin AND
`username`='".$username."'";
// preparing to execute
$result = $conn->query($query1);
// this is where I detect if there is a row, set it to use Admin things
// which I will code later, for now just var holders.
if ($result->num_rows > 0) {
$rank = 'Admin';
} else {
$rank = 'User';
}
I've looked everywhere about property of non-object, but I only find old 2008 posts, which I've tried to implement, but end up not working.
Using XAMPP (apache) with PHP 7