-2

How do I recover a database row using a GET variable send from the previous page?

I have tried this:

        $username = $_GET["username"];

        $result = mysqli_query($con,"SELECT * FROM users
        WHERE username=$username");

but it gives me the error 

Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in /homepages/12/d441172468/htdocs/cmd/play/index.php on line 33

Please help! Thanks!

4

1 回答 1

2

Whenever you get that error, you should immeditely add this debugging code:

var_dump(mysqli_error());

With that out of the way, here it's a fairly simple case of neglecting to put quotes around your variable. Also you fail to escape it so you're inviting Bobby Tables...

Try this:

$result = mysqli_query($con,
    "SELECT * FROM users WHERE username='"
    .mysqli_real_escape_string($_GET['username'])."'");
于 2013-03-06T03:12:10.237 回答