PHP Creating dynamic WHERE clause

Question

I'm creating a php that can search the database dynamically with the WHERE clause. But I got this error mid way through it:

mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given in

I was trying to display the SELECT result in a table using mysqli_fetch_assoc(). I thought using mysqli_fetch_assoc() would return the result in an array and thus can be used for display in the table, but apparently that's not working right now...

My PHP:

for ($i=1; $i<=5; $i++){
        if (isset($_POST["Q".$i])){
            ${"Q".$i} = $_POST["Q".$i];
            ${"Q".$i} = sanitise_input(${"Q".$i});
        }
    }

    $whereParts = array();
    if($Q1) { $whereParts[] = "firstname LIKE '%$Q1%' ";}
    if($Q2) { $whereParts[] = "lastname LIKE '%$Q2%' ";}
    if($Q3) { $whereParts[] = "student_number = ? ";}
    if($Q4) { $whereParts[] = "attempt_number = ? ";}
    if($Q5) { $whereParts[] = "attempt_score = ? ";}

    $query = "SELECT firstname, lastname, student_number, attempt_number, attempt_score FROM attempts ";
    if(count($whereParts)) {
        $query .= "WHERE " . implode('AND ', $whereParts);
    }
    $stmt = mysqli_prepare($conn, $query);
    @mysqli_stmt_bind_param($stmt, 'sssss', $Q1, $Q2, $Q3, $Q4, $Q5);

    mysqli_stmt_execute($stmt);
    if(!$stmt){
        echo "<p>Something is wrong with ", $query, "</p>";
    } else {
        echo "<table border =\"1\" id='result_table'>";
        echo "<tr>"
            ."<th scope=\"col\">First Name</th>"
            ."<th scope=\"col\">Last Name</th>"
            ."<th scope=\"col\">Student ID</th>"
            ."<th scope=\"col\">Attempt number</th>"
            ."<th scope=\"col\">Attempt score</th>"
            ."</tr>";
        $a = mysqli_stmt_get_result($stmt);
        while ($row = mysqli_fetch_assoc($a)){
            echo "<tr>";
            echo "<td>", $row["firstname"], "</td>";
            echo "<td>", $row["lastname"], "</td>";
            echo "<td>", $row["student_number"], "</td>";
            echo "<td>", $row["attempt_number"], "</td>";
            echo "<td>", $row["attempt_score"], "</td>";
            echo "</tr>";
        }
        echo "</table>";

My HTML:

<label for="fName">First name</label>
<input type="text" id="fName" name= "Q1"/>

<label for="lName">Last name</label> 
<input type="text" id="lName" name= "Q2"/>

<label for="id">Student ID</label> 
<input type="text" id="id" name= "Q3"/>

<label for="Q4">Attempt</label>
<select id="Q4" name="Q4">
    <option value="">Please Select</option>
    <option value="1">First Attempt</option>
    <option value="2">Second Attempt</option>
    <option value="3">Third Attempt</option>
</select>

<label for="Q5">Score</label>
<select id="Q5" name="Q5">
    <option value="">Please Select</option>
    <option value="100">100%</option>           
    <option value="80">80%</option>
    <option value="60">60%</option>
    <option value="40">40%</option>
    <option value="20">20%</option>
    <option value="0">0%</option>
</select>

Where am I going wrong?

EDIT: I've found the problem. Because I had Q1 to Q5 in the mysqli_stmt_bind_param, I'd need to enter all 5 to get a row, which is not working the way I want it to...

@scaisEdge This is not a dup to that post because I did use AND in my code... — Khang, May 20 '18 at 16:59
Ok, nvm, I fixed it. There was no need for a bind when I can just replace the ? with the values themselves — Khang, May 20 '18 at 17:18

PHP Creating dynamic WHERE clause

0 Answers0