1

How can I use the fetched result to use the values to make another query? I tried to find info on php.net, but can`t figure out.

$sql = "SELECT id FROM orders WHERE customer_id=$customer_id";
$query = mysqli_query($conn, $sql);
while($row= mysqli_fetch_array($query))  {
    $ordersid=$row['id'];
}

$ordersid returns: 13 - order number 1 and 3. Here is my difficulty. How can I make $orderid(1,3)?

After that I want to use 1 and 3 like that in another query:

SELECT * FROM orderdetails WHERE order_id IN ($orderid)

In that way without direct relation will have all answers from the first query to second.

Where is my mistake?

GrumpyCrouton
  • 8,486
  • 7
  • 32
  • 71
Vesselin Cohen
  • 49
  • 4
  • Have a read about JOINs – Strawberry Dec 28 '17 at 19:55
  • why would you not normalize your db instead? Comma-seperated values isn't a good design. – Funk Forty Niner Dec 28 '17 at 19:55
  • 1
    [Little Bobby](http://bobby-tables.com/) says **[you may be at risk for SQL Injection Attacks](https://stackoverflow.com/q/60174/)**. Learn about [Prepared Statements](https://en.wikipedia.org/wiki/Prepared_statement) with [parameterized queries](https://stackoverflow.com/a/4712113/5827005). I recommend `PDO`, which I [wrote a class for](https://github.com/GrumpyCrouton/GrumpyPDO) to make it extremely easy, clean, and more secure than using non-parameterized queries. Also, [This article](https://phpdelusions.net/pdo/mysqli_comparison) may help you choose between `MySQLi` and `PDO` – GrumpyCrouton Dec 28 '17 at 19:58
  • `$ordersid` != `$orderid` for one thing and would constitute as an undefined variable. – Funk Forty Niner Dec 28 '17 at 19:58
  • Note: The object-oriented interface to `mysqli` is significantly less verbose, making code easier to read and audit, and is not easily confused with the obsolete `mysql_query` interface. Before you get too invested in the procedural style it’s worth switching over. Example: `$db = new mysqli(…)` and `$db->prepare("…")` The procedural interface is an artifact from the PHP 4 era when `mysqli` API was introduced and should not be used in new code. – tadman Dec 28 '17 at 20:03
  • Note: Try and get out of the habit of declaring SQL statements in throw-away variables that are used only once. It's a lot easier to follow code where the query is supplied directly to the function, and there's no longer a chance of messing up and sending in `$sql3` instead of the visually similar `$sql8`. – tadman Dec 28 '17 at 20:03

1 Answers1

0

You could put the results into an array and use like follows:

    $a = array();

    $sql = "SELECT id FROM orders WHERE customer_id=$customer_id";
    $query = mysqli_query($conn, $sql);
    while($row= mysqli_fetch_array($query))  {

        array_push($a, $row['id']);

    }

   $data = implode("', '", $a);

And in your next query like so:

SELECT * FROM orderdetails WHERE order_id IN ('$data')
MattBlack
  • 3,616
  • 7
  • 32
  • 58
  • Thank you, MattBlack but it didn`t worked with me. May be I can`t. I added FK in table I want to use. Happy New Year to all! – Vesselin Cohen Dec 29 '17 at 08:04