Having trouble pushing data from a sql query to an array for comparison

Question

So I am trying to compare user input from a form with data from a database, first name, last name, and email. My problem has been comparing my results with the ones that the user put in. What I am trying to do is put the results from my query into an array and then compare each array item against the input of the user. Yet I can't get through my process. What am I doing wrong?

Thank you all in advance.

PS I am a php newbie so any suggestions would also be appreciated

<?php
$servername = "localhost";
$username = "jon";
$password = "test";
$dbname = "test";

$conn = new mysqli($servername, $username, $password, $dbname);

//test connection
if($conn -> connect_error) {
  die("Connection Error: " . $conn -> connect_error);
}

//input from the user
$firstname = $_POST['first'];
$lastname = $_POST['last'];
$email = $_POST['email'];

//query for the database to select the columns
$queryFirst = "SELECT firstname FROM users";
$queryLast = "SELECT lastname FROM users";
$queryEmail = "SELECT email FROM users";

//query results
$resultFirst = $conn -> query($queryFirst);
$resultLast = $conn -> query($queryLast);
$resultEmail = $conn -> query($queryEmail);

$firstResult = array();
$lastResult = array();
$emailResult = array();

array_push($firstResult, $resultFirst);
array_push($lastResult, $resultLast);
array_push($emailResult, $resultEmail);

$firstValid = mysqli_result::fetch_array($firstResult);
$lastValid = mysqli_result::fetch_array($lastResult);
$emailValid = mysqli_result::fetch_array($emailResult);

//comparing query results to user input
foreach($firstResult as $comp) {
  if(strpos($firstname, $comp) !== false) {
    $firstname = true;
  } else {
    return false;
  }
}

foreach($lastResult as $comp) {
 if(strpos($lastname, $comp) !== false) {
    $lastname = true;
  } else {
    return false;
  }
}

foreach($emailResult as $comp) {
  if(strpos($email, $comp) !== false) {
    $email = true;
  } else {
    return false;
  }
}

//redirection if successful or if failure
$success = "../loggedin.php";
$failure = "../fail.php";

if($firstname && $lastname && $email = true) {
  header($success);
  exit();
} else {
  header($failure);
  exit();
}

$conn -> close();
?>

Answer 1

Okay so first thing as already told you andrewsi, you can get all the info in one query. But if you want to select only one row, you should use a WHERE clause telling what to look for.

Check this:

<?php
$servername = "localhost";
$username = "jon";
$password = "test";
$dbname = "test";

$conn = new mysqli($servername, $username, $password, $dbname);
//test connection
if($conn -> connect_error) {
 die("Connection Error: " . $conn -> connect_error);
}

//input from the user . addslashes is for security, so they won't break your query and potentially abuse it.
$firstname = addslashes($_POST['first']);
$lastname = addslashes($_POST['last']);
$email = addslashes($_POST['email']);

//query for the database to select the columns
$query = "SELECT firstname, lastname, email FROM users WHERE firstname = '$firstname' and lastname = '$lastname' and email = '$email'";

//query results
$result = $conn -> query($query);

$numRows = $result->num_rows;

//redirection if successful or if failure
$success = "../loggedin.php";
$failure = "../fail.php";

if($numRows > 0) {
  header($success);
  exit();
} else {
  header($failure);
  exit();
}

$conn -> close();
?>

Haven't tested it but the idea is to check for a match in the query, not afterwards. Then if there's a match, it will return at least one row (if you defined your table correctly it shouldn't be possible to have duplicates).

Then based on that you make your choice.