Você poderia fazer isso assim:
<?php
# Store the user input username
if (isset($_SESSION['email']) && strlen($_SESSION['email']) > 0) {
$email = $_SESSION['email'];
} else {
// Die the error
printf('No email address available');
exit;
}
# Set DB connection details
$DBHost = 'localhost';
$DBUser = 'username';
$DBPass = 'password';
$DBName = 'database';
// Configure error reporting
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
# Create a database connection for PHP to use
$link = mysqli_connect($DBHost, $DBUser, $DBPass, $DBName);
// Set encoding type to uft8
mysqli_set_charset($link, 'utf8mb4');
# Query the database
// Build the query
$query = 'SELECT `firstname`,`lastname`,`username` FROM `table` WHERE `email` = ? LIMIT 1 ';
// Prepare it
$stmt = $link->prepare($query);
// Bind in the user input data so as to avoid SQL injection
$stmt->bind_param('s', $email);
// Execute the query
$stmt->execute();
// Bind the results to some variables
$stmt->bind_result($firstname, $lastname, $username);
// Fetch the data
$stmt->fetch();
// Close the query
$stmt->close();
# Build the html
$pageHtml = '
<p>First Name: '.$firstname.'</p>
<p>Last Name: '.$lastname.'</p>
<p>User Name: '.$username.'</p>
';
# Display the html
echo $pageHtml;
Leitura adicional
Manual MySQLi:
http://php.net/manual/en/book.mysqli.php
Sobre conexões MySQLi:
http://php.net/manual/en/mysqli.quickstart.connections .php
Sobre as declarações preparadas do MySQLi:
http://php.net/manual/en/mysqli.quickstart .prepared-statements.php
Sobre índices de tabelas de banco de dados e "onde" usá-los... Trocadilhos :)
Como funciona a indexação de banco de dados?
http://dev.mysql.com/doc/refman /5.0/en/mysql-indexes.html