I’m aware of sql injections, this is just test code. I’m passing values for “user” and “post” through the url to make certain content from my database appear on the website. I’m getting this error..

Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, bool given

...For this line of code...

while ($userrow = mysqli_fetch_assoc($userresult)) {

I’m using the result variable, I don’t know why it’s not working.

Here’s the rest of my code

function getPost($conn) {
        $userName = $_GET["user"];
        $postid = $_GET["post"];
        $usersql = "SELECT * FROM users WHERE userName = $userName";
        $userresult = mysqli_query($conn, $usersql);
        while ($userrow = mysqli_fetch_assoc($userresult)) {
            $hostid = $userrow['userid'];

            $sql = "SELECT * FROM posts WHERE hostid = '$hostid' AND postid = '$postid'";
            $result = mysqli_query($conn, $sql);
            while ($row = mysqli_fetch_assoc($result)) {
                if (mysqli_num_rows($result)==0) {
                    echo '
                        <p>Error.  Post does not exist.</p>
                    ';
                }
                else {
                    $title = $row['title'];
                    $description = $row['description'];
                    $filename = "posts/".$hostid."/".$postid."*";
                    $fileinfo = glob($filename);
                    $fileext = explode(".", $fileinfo[0]);
                    $fileactualext = $fileext[1];
                    echo '
                            <div class="PostPage"><p>
                                '.$row['title'].'<br>
                                <img src="posts/'.$hostid.'/'.$postid.'>
                                '.$row['date'].'<br>
                                '.$row['description'].'<br>
                                </p>
                            </div>
                        ';
                }
            }
        }    
    }

0 Answers