-3

since yesterday, I have the problem that fetch_assoc() is just getting executed once and after that, every time I'm calling fetch_assoc(), the returned value is null.

Can someone figure out what's the problem? If I do the query in phpmyadmin, the expected results aren't null.


  $sent = $mysqli_chat->query("SELECT to_user_id FROM chat WHERE from_user_id='" . $_SESSION['id'] . "';");
  $receive = $mysqli_chat->query("SELECT from_user_id FROM chat WHERE to_user_id='" . $_SESSION['id'] . "';");

while ($row = $receive->fetch_assoc()){
  $contacts = $mysqli->query('SELECT vorname_eltern, nachname_eltern, vorname_lehrer, nachname_lehrer FROM login WHERE id="' . $row['from_user_id'] . '";');
  $nachname = $contacts->fetch_assoc()['nachname_eltern'] . $contacts->fetch_assoc()['nachname_lehrer'];

  $vorname = $contacts->fetch_assoc()['vorname_eltern'] . $contacts->fetch_assoc()['vorname_lehrer'];

  $chats .= '<li class="list-group-item p-0 px-3 pb-2" style="border-top:0;" onclick="changeChat(' . $i++ . ')">
    <img class="user-avatar rounded-circle mr-2" src="images/avatars/0.jpg" alt="User Avatar" width="40" height="40"><span>' . $vorname . ' ' . $nachname . '</span>
    </li>';
    $js_nachname .= "'" . $nachname . "', ";
    $js_vorname .= "'" . $vorname . "', ";
}
Dharman
  • 30,962
  • 25
  • 85
  • 135
Leonardo Cizmar
  • 17
  • 4
  • You never use `$sent`, why did you post it? – Barmar Oct 28 '19 at 17:13
  • **Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/5741187) – Dharman Oct 28 '19 at 17:17
  • I already know that. Firstly, I want to get the functionality and then care about the security. – Leonardo Cizmar Oct 28 '19 at 17:22

1 Answers1

1

I assume you're talking about $contacts->fetch_assoc(). The $contacts query only matches a single row. Each time you call $contacts->fetch_assoc() it tries to return the next row of results, but there's not a next row. The first call to $contacts->fetch_assoc() returns that row, subsequent calls return NULL.

You should assign the row to a variable, then use the variable instead of calling fetch_assoc() repeatedly.

$contacts = $mysqli->query('SELECT vorname_eltern, nachname_eltern, vorname_lehrer, nachname_lehrer FROM login WHERE id="' . $row['from_user_id'] . '";');
$contact_row = $contacts->fetch_assoc();
$nachname = $contact_row['nachname_eltern'] . $contact_row['nachname_lehrer'];
$vorname = $contact_row['vorname_eltern'] . $contact_row['vorname_lehrer'];
Barmar
  • 741,623
  • 53
  • 500
  • 612