1

I'm trying to pull data from my databases into a html table, everything worked fine until I tried introducing another database to add another variable to the table.

here is my code(just for context):

<?php 

require 'dbh-inc.php';


$id = $_SESSION['userId'];
 if(isset($id) == false)
    {
        header("Location:../account.php?faliure");
        exit();

    }

                    $sql = "SELECT product, productAmount, dateOfPurchase, productStatus, userAddress  FROM sales;";
                    $result = mysqli_query($conn, $sql);
                    $resultCheck = mysqli_num_rows($result);
                    if($resultCheck > 0){
                    while($row = mysqli_fetch_assoc($result)){

                        $sql1 = "SELECT eLink FROM products WHERE $row\['product'\];";
                        $result1 =  mysqli_query($conn, $sql1);
                        $resultCheck1 = mysqli_num_rows($result1);
                        if($resultCheck1 == 0){
                            $row1['eLink'] = " ";
                        }
                        else
                            $row1['eLink'] = mysqli_fetch_assoc($result1);


                        echo "<tr><td>". $row['product'] ."</td><td>" . $row['productAmount']. "</td><td>". $row['dateOfPurchase']. "</td><td>". $row['userAddress']. "</td><td>". $row1['eLink'] . "</td><td>" .$row['productStatus']. "</td></tr>" ;
                    }
                    }
                    else
                        echo '<div>no product purcheses yet</div>';
                    exit();
?>

the problematic lines are:

$sql1 = "SELECT eLink FROM products WHERE $row\['product'\];";
                            $result1 =  mysqli_query($conn, $sql1);
                            $resultCheck1 = mysqli_num_rows($result1);
                            if($resultCheck1 == 0){
                                $row1['eLink'] = " ";
                            }
                            else
                                $row1['eLink'] = mysqli_fetch_assoc($result1);

the errors I get are:

Notice: Array to string conversion in C:\xampp\htdocs\coupleslove php\includes\manage_sales-inc.php on line 20

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, bool given in C:\xampp\htdocs\coupleslove php\includes\manage_sales-inc.php on line 22

Notice: Array to string conversion in C:\xampp\htdocs\coupleslove php\includes\manage_sales-inc.php on line 20

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, bool given in C:\xampp\htdocs\coupleslove php\includes\manage_sales-inc.php on line 22

What is wrong with the code? I understand that it has to do with inserting a wrong type to a function, although a couple lines before I do the same and everything is fine, I'm kind of confuzed with what is wrong with the code. is this a syntax problem?

thank you in advance!

Meon
  • 47
  • 9
  • Does this answer your question? [Reference - What does this error mean in PHP?](https://stackoverflow.com/questions/12769982/reference-what-does-this-error-mean-in-php) – Alon Eitan Apr 24 '20 at 11:58
  • You have this line `$row1['eLink'] = " ";` and also this one `$row1['eLink'] = mysqli_fetch_assoc($result1);` - On the first you're assigning a string while on the second you assign an array, and then you're using `$row1['eLink']` on this line: `echo ""....` - It will trigger the error if you hit the `else` part – Alon Eitan Apr 24 '20 at 12:01
  • @AlonEitan, thanks, so what should I do to add the variable from the other database using "...WHERE (product name)" ? – Meon Apr 24 '20 at 12:19
  • @AlonEitan and thank you for the erorr list, I understand what the error means, I don't understand how to solve the error and still make the code do what I wanted. – Meon Apr 24 '20 at 12:21
  • Let me post an answer... Just a sec... – Alon Eitan Apr 24 '20 at 12:24

1 Answers1

2

I tried to explain in the comments but it is too complex.

You should always use Prepared Statements to prevent SQL injection, and use valid SQL queries. So this line:

$sql1 = "SELECT eLink FROM products WHERE $row\['product'\];";

Should be converted to (Assuming the products table has a numeric key named id)

$stmt = $conn->prepare("SELECT eLink FROM products WHERE id = ?");
$stmt->bind_param("i", $row['product']);
$stmt->execute();
$result1 = $stmt->get_result();

if($result1->num_rows === 0) {
    $eLink = ' ';
} else {
    $row1 = $result1->fetch_assoc();
    $eLink = $row1['eLink'];
}

Then you can output the $eLink variable like this:

echo "<tr><td>". $row['product'] ."</td><td>" . $row['productAmount']. "</td><td>". $row['dateOfPurchase']. "</td><td>". $row['userAddress']. "</td><td>". $eLink . "</td><td>" .$row['productStatus']. "</td></tr>" ;
Alon Eitan
  • 11,997
  • 8
  • 49
  • 58