I have a small social website, with profile pages and a search page. It all works fine and on the menu bar it displays the users username with a link to their profile via `profile.php?id=5` (for example).
How ever when I search for something via `search.php` it all works fine, but then when I reload a page after searching, suddenly the username is displayed as 'p' and the link goes to `profile.php?id=p`
Does anybody have any idea what's happening?
Tell me if you need any more information, and thanks in advance.
The code:
<?php
$searchTerm = trim($_GET['search']);
if($searchTerm == "")
{
echo "Enter name you are searching for.";
exit();
}
$host = "";
$db = "";
$user = "";
$pwd = "";
$link = mysqli_connect($host, $user, $pwd, $db);
$query = "SELECT * FROM users WHERE username SOUNDS LIKE '%$searchTerm%' or fname SOUNDS LIKE '%$searchTerm%' or lname SOUNDS LIKE '%$searchTerm%'";
$results = mysqli_query($link, $query);
echo "<div class='searched'>Results for ";
echo $searchTerm;
echo "</div>";
if(mysqli_num_rows($results) >= 1)
{
$output = "";
while($row = mysqli_fetch_array($results))
{
$output .="<div class='user'><a href='profile?id=$row[id]'>";
$output .= "<img class='search_pp' src='" . $row['picture'] . "'/><br>";
$output .= "<div class='search_username'> " . $row['username'] . "</div>";
$output .= "<div class='search_full'>Full name: " . $row['fname'] . " " . $row['lname'] . "</div>";
$output .= "<div class='search_sex'>" . $row['sex'] . "</div></div></a>";
}
echo $output;
}
else
echo "No records of " . $searchTerm;
?>
This is where the username changes to 'p'
<?php echo htmlentities($_SESSION['user']['username'], ENT_QUOTES, 'UTF-8'); ?>
and this is where the id in a link changes to 'p'
<a href="profile?id=<?php echo htmlentities($_SESSION['user']['id'], ENT_QUOTES, 'UTF-8'); ?>">
then the users username and id changes to 'p' all throughout the site