Here is my code:
$user = $_SESSION['uname'];
echo $user;
$output=mysqli_query($con,"SELECT pedia_id FROM users WHERE uname = $user");
echo $output;
$result = mysqli_query($con,"SELECT * FROM infant_info where pedia_number = $output ORDER BY last_name ASC");
It echoes $user but not the $output and I got an error:
Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\Infant\view\InfantInfo_table.php on line 69
分享 you need to put the $user in quotes.
"SELECT pedia_id FROM users WHERE `uname` = '".$user."'"
also mysql_query returns mysqli_result. You need to get the pedia_id from $output and then use it in next query.
$row = mysqli_fetch_array($output);
now use $row[0] in the next query instead of $output. place it in quotes.
$user = $_SESSION['uname'];
echo $user;
$output=mysqli_query($con,"SELECT pedia_id FROM users WHERE uname = '" . $user . "'");
echo $output; //its mysqli_result object
//Fetch the row from the result
$row = mysqli_fetch_array($output);
echo $row[0]; //this is pedia_id
$pedia_id = $row[0]; //wrap it in quotes if its a string
$result = mysqli_query($con,"SELECT * FROM infant_info where pedia_number = $pedia_id ORDER BY last_name ASC");
while($infantRow = mysqli_fetch_array($result))
{
//do something here with individual infant_info row
}
EDIT : assuming there can be quotes in the string value of $user. in such a case you need to escape that as well. in general sanitizing any value used for forming queries is considered best practice. alternatively you can use Prepared Statements.
分享