Here is my code:
$user = $_SESSION['uname'];
echo $user;
$output=mysqli_query($con,"SELECT pedia_id FROM users WHERE uname = $user");
echo $output;
$result = mysqli_query($con,"SELECT * FROM infant_info where pedia_number = $output ORDER BY last_name ASC");
It echoes $user but not the $output and I got an error:
Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\Infant\view\InfantInfo_table.php on line 69
you need to put the $user in quotes.
"SELECT pedia_id FROM users WHERE `uname` = '".$user."'"
also mysql_query returns mysqli_result. You need to get the pedia_id from $output and then use it in next query.
$row = mysqli_fetch_array($output);
now use $row[0] in the next query instead of $output. place it in quotes.
$user = $_SESSION['uname'];
echo $user;
$output=mysqli_query($con,"SELECT pedia_id FROM users WHERE uname = '" . $user . "'");
echo $output; //its mysqli_result object
//Fetch the row from the result
$row = mysqli_fetch_array($output);
echo $row[0]; //this is pedia_id
$pedia_id = $row[0]; //wrap it in quotes if its a string
$result = mysqli_query($con,"SELECT * FROM infant_info where pedia_number = $pedia_id ORDER BY last_name ASC");
while($infantRow = mysqli_fetch_array($result))
{
//do something here with individual infant_info row
}
EDIT : assuming there can be quotes in the string value of $user. in such a case you need to escape that as well. in general sanitizing any value used for forming queries is considered best practice. alternatively you can use Prepared Statements.
Related
This question already has an answer here:
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 3 years ago.
i have facing problem in php code. the error is given below:
mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in directory name
the php code is:
<?php
$edit_record = $_GET['edit'];
$query = "select * from std_reg where student_id='edit_record'";
$run = mysqli_query($conn, $query);
while($row = mysqli_fetch_array($run))
{
$id = $row['Student_id'];
$name = $row['name'];
}
?>
can any one help?
You have to add the result type to mysqli_fetch_array.
See the syntax: mysqli_fetch_array(result,resulttype);
while($row = mysqli_fetch_array($run,MYSQLI_ASSOC))
Give row name to while loop and add $ to edit_record in query
$edit_record = $_GET['edit'];
$query = "select * from std_reg where student_id='$edit_record'";
$run = mysqli_query($conn, $query);
while($row = mysqli_fetch_array($run))
{
$id = $row['Student_id'];
$name = $row['name'];
}
$row is not defined anywhere. In while loop you must set $row = mysqli_fetch_array($run).
You are not passing value to query correctly. $ is missing here student_id='edit_record'.
<?php
$edit_record = mysqli_real_escape_string($conn, $_GET['edit']);
$query = "SELECT * FROM std_reg WHERE student_id='$edit_record'";
$run = mysqli_query($conn, $query);
if($run)
{
while($row = mysqli_fetch_array($run))
{
$id = $row['Student_id'];
$name = $row['name'];
}
}
?>
You should really use mysqli_fetch_assoc rather than mysqli_fetch_array. It gives you the result you wanted without having to explicitly say what type of array you wanted.
From this query:
$query = "select * from std_reg where student_id='edit_record'";
To this query:
<?php
$edit_record = $_GET['edit'];$query = "select * from std_reg where student_id=".$edit_record; //Please try to observed the concatenation
$run = mysqli_query($conn, $query);
while($row = mysqli_fetch_assoc($run)) {
$id = $row['Student_id'];
$name = $row['name'];
}
?>
I'm trying to select and echo a single field.
This is my code when I'm trying it
session_start();
$query = "select id from user where username = ".$_SESSION['username'];
$result = mysql_query($query);
$admin_id = mysql_fetch_array($result);
echo $admin_id['id'];
When I run that code, this warning text appears
mysql_fetch_array() expects parameter 1 to be resource, boolean given in ......
How should I do it?
You should use quotes when you assign values in sql queries .
$query = "select id from user where username = '{$_SESSION['username']}'";
Or
$query = "select id from user where username = '" . $_SESSION['username'] . "'";
However, it is not a good practice so you better look forward prepared statements to reduce sql injection vulnerability : http://ru2.php.net/pdo.prepared-statements
Try this:
$username = $_SESSION['username'];
$query = "select id from user where username = '$username'";
In the below code when I pass $id_num to check the id field in database it accepts but when I want to pass user id to check with database it shows the following error;
Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in line no 12
Can anyone tell me where I'm going wrong.
code:
if(isset($_POST['user_mail']) && isset($_POST['user_pass']))
{
$var_1=$_POST["user_mail"];
$var_2=$_POST["user_pass"];
$result = mysqli_query($con,"SELECT * FROM jsrao_db2 WHERE user_mail=$var_1");
while($row = mysqli_fetch_array($result))
{
if(($row['user_mail']==$var_1) && ($row['user_pass']==$var_2))//compare user name and password with database value
echo "Welcome";
else
echo "Try Again";
}
change your query
$result = mysqli_query($con,"SELECT * FROM jsrao_db2 WHERE user_mail=$var_1");<br>
should be
$result = mysqli_query($con,"SELECT * FROM jsrao_db2 WHERE user_mail='$var_1'");<br>
user_mail is an string so enclose $var_1 in '$var_1'
Use Prepared Statements for cleaning up your code:
$result = false;
$stmt = $con->prepare("SELECT * FROM jsrao_db2 WHERE user_mail=?");
$stmt->bind_result($result);
$result = $stmt->bind_param("s", $var_1)->execute();
if ($result) {
//work with $result
}
Is there any way to store mysql result in php variable? thanks
$query = "SELECT username,userid FROM user WHERE username = 'admin' ";
$result=$conn->query($query);
then I want to print selected userid from query.
Of course there is. Check out mysql_query, and mysql_fetch_row if you use MySQL.
Example from PHP manual:
<?php
$result = mysql_query("SELECT id,email FROM people WHERE id = '42'");
if (!$result) {
echo 'Could not run query: ' . mysql_error();
exit;
}
$row = mysql_fetch_row($result);
echo $row[0]; // 42
echo $row[1]; // the email value
?>
There are a couple of mysql functions you need to look into.
mysql_query("query string here") : returns a resource
mysql_fetch_array(resource obtained above) : fetches a row and return as an array with numerical and associative(with column name as key) indices. Typically, you need to iterate through the results till expression evaluates to false value. Like the below:
while ($row = mysql_fetch_array($query)){
print_r $row;
}
Consult the manual, the links to which are provided below, they have more options to specify the format in which the array is requested. Like, you could use mysql_fetch_assoc(..) to get the row in an associative array.
Links:
http://php.net/manual/en/function.mysql-query.php
http://php.net/manual/en/function.mysql-fetch-array.php
In your case,
$query = "SELECT username,userid FROM user WHERE username = 'admin' ";
$result=mysql_query($query);
if (!$result){
die("BAD!");
}
if (mysql_num_rows($result)==1){
$row = mysql_fetch_array($result);
echo "user Id: " . $row['userid'];
}
else{
echo "not found!";
}
$query="SELECT * FROM contacts";
$result=mysql_query($query);
I personally use prepared statements.
Why is it important?
Well it's important because of security. It's very easy to do an SQL injection on someone who use variables in the query.
Instead of using this code:
$query = "SELECT username,userid FROM user WHERE username = 'admin' ";
$result=$conn->query($query);
You should use this
$stmt = $this->db->query("SELECT * FROM users WHERE username = ? AND password = ?");
$stmt->bind_param("ss", $username, $password); //You need the variables to do something as well.
$stmt->execute();
Learn more about prepared statements on:
http://php.net/manual/en/mysqli.quickstart.prepared-statements.php MySQLI
http://php.net/manual/en/pdo.prepared-statements.php PDO
$query = "SELECT username, userid FROM user WHERE username = 'admin' ";
$result = $conn->query($query);
if (!$result) {
echo 'Could not run query: ' . mysql_error();
exit;
}
$arrayResult = mysql_fetch_array($result);
//Now you can access $arrayResult like this
$arrayResult['userid']; // output will be userid which will be in database
$arrayResult['username']; // output will be admin
//Note- userid and username will be column name of user table.
I have the following code and it should return just one value (id) from mysql table. The following code doesnt work. How can I output it without creating arrays and all this stuff, just a simple output of one value.
$query = "SELECT id FROM users_entity WHERE username = 'Admin' ";
$result = map_query($query);
echo $result;
I do something like this:
<?php
$data = mysql_fetch_object($result);
echo $data->foo();
?>
You have to do some form of object creation. There's no real way around that.
You can try:
$query = "SELECT id FROM users_entity WHERE username = 'Admin' ";
//$result = map_query($query);
//echo $result;
$result = mysql_query($query); // run the query and get the result object.
if (!$result) { // check for errors.
echo 'Could not run query: ' . mysql_error();
exit;
}
$row = mysql_fetch_row($result); // get the single row.
echo $row['id']; // display the value.
all you have is a resource, you would still have to make it construct a result array if you want the output.
Check out ADO if you want to write less.
Not sure I exactly understood, what you want, but you could just do
$result = mysql_query('SELECT id FROM table WHERE area = "foo" LIMIT 1');
list($data) = mysql_fetch_assoc($result);
if you wish to execute only one row you can do like this.
$query = "SELECT id FROM users_entity WHERE username = 'Admin' ";
$result = mysql_query($query);
$row = mysql_fetch_row($result);
echo $row[0];
there have been many ways as answered above and this is just my simple example. it will echo the first row that have been executed, you can also use another option like limit clause to do the same result as answered by others above.