I'm an amateur at php
mysqli
queries. So i was working on a 2nd factor login where user inputs their security answer, but I wanted to echo the user's security question on the form, instead I'm ending up echoing the whole security questions of all users on my database. This is literally a cry for help. lol.
HTML CODE
<section id="client-auth-wrapper">
<div class="container">
<div class="card card-container">
<img id="profile-img" class="profile-img-card" src="//ssl.gstatic.com/accounts/ui/avatar_2x.png" />
<p id="profile-name" class="profile-name-card"></p>
<form class="form-signin" method="post">
<?php include ('second_security.php'); ?>
<span id="reauth-email" class="reauth-email"></span>
<p>Security Question:</p> <?php
$no = 1;
while ($row = mysqli_fetch_array($query)){
echo'
'.$row['security_quest'].'
';
$no++;
}
?>
<input type="text" id="inputAnswer" name="security_ans" class="form-control" placeholder="Security answer" required autofocus>
<button class="btn btn-lg btn-primary btn-block btn-signin" type="submit" name="submit">Submit</button>
</form>
</div>
</div>
</section>
PHP CODE
<?php
session_start();
$db = mysqli_connect('localhost', 'root', '', 'econ');
if (!$db) {
die ('Failed to connect to MySQL: ' . mysqli_connect_error());
}
$user_check = $_SESSION['username'];
$security_quest = $_SESSION['security_quest'];
$ses_sql = mysqli_query($db, "SELECT username FROM admin_users WHERE username = '$user_check'");
$row = mysqli_fetch_assoc($ses_sql);
?>
</div>