Here is my code:
$user = $_SESSION['uname'];
echo $user;
$output=mysqli_query($con,"SELECT pedia_id FROM users WHERE uname = $user");
echo $output;
$result = mysqli_query($con,"SELECT * FROM infant_info where pedia_number = $output ORDER BY last_name ASC");
It echoes $user but not the $output and I got an error:
Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\Infant\view\InfantInfo_table.php on line 69
您需要将 $user 放在引号中。
"SELECT pedia_id FROM users WHERE `uname` = '".$user."'"
mysql_query也返回mysqli_result。您需要从 $output 获取 pedia_id,然后在下一个查询中使用它。
$row = mysqli_fetch_array($output);
现在在下一个查询中使用 $row[0] 而不是 $output。将其放在引号中。
$user = $_SESSION['uname'];
echo $user;
$output=mysqli_query($con,"SELECT pedia_id FROM users WHERE uname = '" . $user . "'");
echo $output; //its mysqli_result object
//Fetch the row from the result
$row = mysqli_fetch_array($output);
echo $row[0]; //this is pedia_id
$pedia_id = $row[0]; //wrap it in quotes if its a string
$result = mysqli_query($con,"SELECT * FROM infant_info where pedia_number = $pedia_id ORDER BY last_name ASC");
while($infantRow = mysqli_fetch_array($result))
{
//do something here with individual infant_info row
}
编辑:假设 $user 的字符串值中可以有引号。在这种情况下,你也需要逃避它。一般来说,清理用于形成查询的任何值被认为是最佳实践。或者,您可以使用Prepared Statements。