Get an error from my array and i cant get my url id

Question

I am doing is getting the url id to split the chatroom content but now i have error

here is my

chatMessage.php

include '../config.php';
include 'login.php';

$username = $_SESSION['id'];
$chatroomID =$_GET["chatroomID"];

$sql="SELECT * FROM chatroom_chat where chatroom_id ='$chatroomID'";

while ($row = mysqli_fetch_array($sql)) {
    $chat = $row['chat_ID'];
    $getChatData = "SELECT * FROM chat where id = $chat";
}

$sql1= "SELECT * FROM (
            SELECT * FROM chat ORDER BY id DESC LIMIT 0,40
            ) sub
            ORDER BY id ASC ";

$result =  mysqli_query($connection, $sql1);

    while($extract = mysqli_fetch_array($result)){
        $color = ($extract['id'] == $username) ? '#FFFFFF' : '#66FFFF';
        $position = ($extract['id'] == $username) ? 'right' : 'left';
        $border = ($extract['id'] == $username) ? ' 1px solid black ' : ' none ';

        echo "<div class='msg-dateandtime' style='text-align:$position; float:$position;'> <div class='left-username' style='color:blue;'>" . $extract['id'] ."</div>"
                . "<div class='space'></div>"
                . "<div class='right-date'>  ". $extract['date'] ." </div></div>"
                . "<div class='wrap-message' style='background-color:$color; border:$border; float:$position;'>"
                . "<p style 'text-align=$position; margin:0; padding:0; text-align:left;'> ".$extract['chat']."</p></div>";
    }

i have no idea where goes wrong

Answer 1

Please use as follows:

$chatroomID = isset($_GET["chatroomID"]) ? $_GET["chatroomID"] : '';

Reason: When you assign value to variable $chatroomID and GET request does not have chatroomID index available, there is an error. You should first check if there is a value on this index before assigning to the variable.

WARNING: Prevent direct use of user input variables in sql queries. rather use prepared statements.

Reference: http://php.net/manual/en/mysqli-stmt.bind-param.php