Simple mysqli query not working

Question

I'm trying to get simple info from a database and echo it to screen, but it's not working for me.

$con=mysqli_connect("SERVER.COM","USERNAME","PASSWORD", "DATABASE");

function GetTeamFixtures($team)
{
    $queryget = mysqli_query($con, "SELECT * FROM 'mlsfixtures' WHERE team='$team' LIMIT 1");
    $row = mysqli_fetch_assoc($queryget);
    $gw1 = $row['gw1'];
    $gw2 = $row['gw2'];

    echo $team.' '.$gw1.' '.$gw2.'<br>';
}

$team = "Chicago Fire"; GetTeamFixtures($team);
$team = "Chivas USA"; GetTeamFixtures($team);
$team = "Colorado Rapids"; GetTeamFixtures($team);
//continue for all teams - removed for simplicity

Here are the error messages I get (line 46 is the $queryget= one and line 49 is the $row = one).

Warning: mysqli_query() expects parameter 1 to be mysqli, null given in server.com\teamfix.php on line 46

Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, null given in server.com\teamfix.php on line 49

Any idea why? I'm not sure if there's an easier way of doing the same thing but for 19 different teams.

Answer 1

One of the errors i've found, aside from the two users that explained about connection, is the invalid use of single quotes.

Tables names should not be wrap with single quotes as they are identifiers and not a string literals. Remove the single quotes and it should work,

SELECT * FROM mlsfixtures WHERE team='$team' LIMIT 1

• MySQL - when to use single quotes, double quotes, and backticks?

As a sidenote, the query is vulnerable with SQL Injection if the value(s) of the variables came from the outside. Please take a look at the article below to learn how to prevent from it. By using PreparedStatements you can get rid of using single quotes around values.

• How to prevent SQL injection in PHP?

Answer 2

Another way to access variables outside a function instead of using global variables is to add it up in its parameters

E.g

function GetTeamFixtures($team,$con)
{
   // query inside
}

Also as J W says in your query remove '' or replace it with `` backticks..

Answer 3

(This is my attempt at combining all the other answers in a concise manner.)

There are two problems.

First, the global variable $con is not accessible from within your function without a global statement. The global statement can be used to create a reference to $con from within your function.

global $con; // is equivalent to:
$con =& $GLOBALS['con'];

Second, the table name cannot be enclosed in single quotes. Remove the quotes.

// By the way, this should be using mysqli::prepare and mysqli_stmt::bind_param
// to prevent SQL injection
$queryget = mysqli_query($con, "SELECT * FROM mlsfixtures WHERE team='$team' LIMIT 1");

Answer 4

You don't have access to $con from within your function. This should work:

$con = mysqli_connect("SERVER.COM","USERNAME","PASSWORD", "DATABASE");

function GetTeamFixtures($team)
{
    global $con;
    $queryget = mysqli_query($con, "SELECT * FROM `mlsfixtures` WHERE `team`='$team' LIMIT 1");
    $row = mysqli_fetch_assoc($queryget);
    $gw1 = $row['gw1'];
    $gw2 = $row['gw2'];

    echo $team.' '.$gw1.' '.$gw2.'<br>';
}

P.S. If the $team you're passing in to GetTeamFixtures comes from user input, you should prepare your statement, to prevent SQL injection.

Answer 5

$con isn't visible within the function. If you want a global variable to be in scope in a function, you must declare it global:

function GetTeamFixtures($team) {
  global $con;
  # ...
}