What I’m trying to do is select the contents of the logged on user’s friends table. However, I always receive this error: Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given
This is the code: $cuser = $_COOKIE["cuser"]; $csalt = $_COOKIE["csalt"]; $queryuserstats = mysqli_query($connection, "SELECT * FROM s_users WHERE Salt='$csalt'"); $userstats = mysqli_fetch_assoc($queryuserstats); $userfriendstable = ("$userstats[0]['Username'] . 'Friends'"); $findfriends = mysqli_query($connection, "SELECT * FROM '$userfriendstable'"); $userfriends = mysqli_fetch_assoc($findfriends);
This error occurs: Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given
However, when I replace "SELECT * FROM '$userfriendstable'"); with "SELECT * FROM ActualTableName, it works.
What’s in $userfriendstable, and $userstats, before you try the query? The syntax on this line seems a bit weird, with more brackets and quotes than I’d expect.
I assume the above query is failing so there is no data for the second query. I would get the first query working on its own so you do not get confused which is causing the error and then put the second query back.
Have you checked what the cookie variables contain?
The reason how I know that the above query works is because if I replace "SELECT * FROM '$userfriendstable'" with "SELECT * FROM ActualTableName, it works. It’s just that I didn’t set $userfriendstable right but I don’t know what’s wrong with it.
You have told me the above only contains friends. If you hardcode the table name the second query works. That means there is probably something wrong with:
The information for this comes from the first query which I assume must be failing.
You have to use some logic in error finding and you need to start from the beginning and check everything as you go.
I tested the query and it resulted with one value, which is what I expected, but now I’m just think, “Doesn’t an array have to have values 0 AND 1?” I’ve received an error before saying something like “this array needs values 0 and 1.” (meaning that the array must have 2 values)
Sorry, I meant the second query. If you var_dump those variables after they’ve been retrieved from the first query, do they contain the values that you would expect, and that would allow the second query to work?
I did echo var_dump($userstats) and nothing came out. I did echo var_dump($userfriendstable) and got NULL string(7) "Friends". These results are not the values I expected which won’t allow the second query to function properly.
There’s no need to use echo, and I don’t know if that makes any difference to the results of var_dump.
var_dump($userstats);
is all that’s needed, just after the mysqli_fetch_assoc() has run. If you get nothing, it means the query returns nothing. Also note that as you’re using mysqli_fetch_assoc(), the results will be in an associative array, so you want to use $userstats[‘rowname’] rather than the numeric index you’re using.
You’re a sitting duck for SQL Injection attacks, as a cookie is user submitted data which should be validated and then a prepared used when sending the value for the salt in the query?
Also do you really use every field in the s_users table? If you don’t just select the fields that you need
No you are not - that’s an escaping function that assumes the input is valid. You need to validate the input before passing it to that output function.
