这是我的代码:
$user = $_SESSION['uname'];
echo $user;
$output=mysqli_query($con,"SELECT pedia_id FROM users WHERE uname = $user");
echo $output;
$result = mysqli_query($con,"SELECT * FROM infant_info where pedia_number = $output ORDER BY last_name ASC");
它回显$user但不回应$output,我收到了错误:
警告:mysqli_fetch_array()要求参数1为mysqli_result,第69行的C:\ xampp \ htdocs \ Infant \ view \ InfantInfo_table.php中给出布尔值
答案 0 :(得分:1)
你需要将$ user放在引号中。
"SELECT pedia_id FROM users WHERE `uname` = '".$user."'"
mysql_query也会返回mysqli_result。你需要从$ output获取pedia_id,然后在下一个查询中使用它。
$row = mysqli_fetch_array($output);
现在在下一个查询中使用$ row [0]而不是$ output。把它放在引号中。
$user = $_SESSION['uname'];
echo $user;
$output=mysqli_query($con,"SELECT pedia_id FROM users WHERE uname = '" . $user . "'");
echo $output; //its mysqli_result object
//Fetch the row from the result
$row = mysqli_fetch_array($output);
echo $row[0]; //this is pedia_id
$pedia_id = $row[0]; //wrap it in quotes if its a string
$result = mysqli_query($con,"SELECT * FROM infant_info where pedia_number = $pedia_id ORDER BY last_name ASC");
while($infantRow = mysqli_fetch_array($result))
{
//do something here with individual infant_info row
}
编辑:假设$ user的字符串值可以有引号。在这种情况下你也需要逃避它。一般来说,消毒用于形成查询的任何值都被认为是最佳实践。或者你可以使用Prepared Statements。