0

Here is my code:

$user = $_SESSION['uname'];
echo $user;
$output=mysqli_query($con,"SELECT pedia_id FROM users WHERE uname = $user");
echo $output;
$result = mysqli_query($con,"SELECT * FROM infant_info where pedia_number = $output ORDER BY last_name ASC");

It echoes $user but not the $output and I got an error:

Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\Infant\view\InfantInfo_table.php on line 69

4

1 回答 1

1

您需要将 $user 放在引号中。

"SELECT pedia_id FROM users WHERE `uname` = '".$user."'"

mysql_query也返回mysqli_result。您需要从 $output 获取 pedia_id,然后在下一个查询中使用它。

$row = mysqli_fetch_array($output);

现在在下一个查询中使用 $row[0] 而不是 $output。将其放在引号中。

$user = $_SESSION['uname'];
echo $user;
$output=mysqli_query($con,"SELECT pedia_id FROM users WHERE uname = '" . $user . "'");
echo $output;  //its mysqli_result object
//Fetch the row from the result
$row = mysqli_fetch_array($output);
echo $row[0];  //this is pedia_id
$pedia_id = $row[0];  //wrap it in quotes if its a string
$result = mysqli_query($con,"SELECT * FROM infant_info where pedia_number = $pedia_id ORDER BY last_name ASC");

while($infantRow = mysqli_fetch_array($result))
{
   //do something here with individual infant_info row
}

编辑:假设 $user 的字符串值中可以有引号。在这种情况下,你也需要逃避它。一般来说,清理用于形成查询的任何值被认为是最佳实践。或者,您可以使用Prepared Statements

于 2013-10-08T20:45:51.650 回答