0

I'm trying to fetch couple of single data in my server database but this is throwing some errors. The incoming data is correct. The search function just don't get completed.

Here's the code:

<?php
if($_SERVER['REQUEST_METHOD']=='POST'){
define('HOST','xxxxxxxxxxx');
define('USER','xxxxxxxxxxxx');
define('PASS','xxxxxxxxx');
define('DB','xxxxxxxxxx');
 $con = mysqli_connect(HOST,USER,PASS,DB);

 $post_id = $_POST['id'];
 $buyer_mobile = $_POST['mobile'];
 $buyer_name = $_POST['name'];

$sql = "select mobile from flatowner where id='$post_id'";
$res = mysqli_query($con,$sql);
$owner_mobile = $row['mobile'];



$sql = "select name from user where mobile='$owner_mobile'";
$r = mysqli_query($con,$sql);
$owner_name = $row['name'];
$sql = "INSERT INTO flat_booking         (post_id,owner_mobile,owner_name,buyer_mobile,buyer_name) VALUES         ('$post_id','$owner_mobile','$owner_name','$buyer_mobile','$buyer_name')";
if(mysqli_query($con,$sql)){
 echo "Success";
 }
 else{
 echo "error";
 }
mysqli_close($con);
}else{
echo 'error1';
}

What am I doing wrong here? Maybe this:

$owner_mobile = $row['mobile'];

Thanks in advance!

Improve this question
3
  • First thing that you're doing wrong is injecting unvalidate/unescaped user input directly into a SQL query..... use prepared statements/bind variables, and always assume that the user wants to SQL inject your system to delete your database Commented Dec 2, 2015 at 9:28
  • check my ans it's work Commented Dec 2, 2015 at 9:32
  • $res = mysqli_query($con,$sql);$row = mysql_fetch_array($res); $owner_mobile = $row['mobile']; Commented Dec 2, 2015 at 9:37

2 Answers 2

Reset to default
1 
create table flatower and add mobile column    
$post_id = 1;
    $sql = "select mobile from flatowner where id='$post_id'";
    $res = mysql_query($con,$sql);
    $row = mysql_fetch_array($res);
    $owner_mobile = $row[0]['mobile'];
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Care to add some explanation?
0

Your problem is this line:

$owner_mobile = $row['mobile'];

You have not created the $row variable. For this you would need to do something such as:

Do this first:

<?php
$row = array();
while ($result = mysqli_fetch_assoc($res))
{
    $row[] = $result;
}
?>

This allows you to do this:

<?php
foreach ($row as $r)
{
    var_dump($r); print "<br />"; // One row from the DB per var dump
}
?>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.