-2

I've been having weird problems lately, my code is playing up badly, working one second and then not working!!

I have this query 

$stuff_get = mysqli_query($con,"SELECT users.id, users.email, users.hash, users.username FROM users WHERE users.username = '$username' AND users.id=$id4");
$gotstuff = mysqli_fetch_array($stuff_get, MYSQL_ASSOC);

Which provides this error message

 Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given

Usually that means it just generally doesn't work but it worked literally 2 minutes beforehand (without any changes).

Here's the full code

<?php
session_start();
$username = $_SESSION['userlogin'];
include("connect.php");


$id_get = mysqli_query($con,"SELECT units.id, users.id, users.username FROM units, users WHERE       users.username = '$username' AND units.id = users.id");
$gotid = mysqli_fetch_array($id_get);
$id4 = $gotid["id"];

$stuff_get = mysqli_query($con,"SELECT users.id, users.email, users.hash, users.username FROM users WHERE users.username = '$username' AND users.id=$id4");
$gotstuff = mysqli_fetch_array($stuff_get, MYSQL_ASSOC);
$hash2 = $gotstuff['hash'];
$email2 = $gotstuff['email'];
$username2 = $gotstuff['username'];
echo "Your username is ",$username2,"<br>";
echo "Your activation code is ",$hash2,"<br>";

?>

It is supposed to be some of the contents of an email I send upon registration, it worked the first time I tested registration but I've since tested 5 more in the same conditions to no luck!

EDIT

IT IS NOW WORKING

I have no idea how, I didn't change a thing. I think it was to do with the sessions.

Ryan Mckenna
  • 49
  • 1
  • 7
  • Did you test the raw query directly against the database (i.e. in PHPMyAdmin, CLI)? What's the result? – Elias Oct 28 '14 at 11:09
  • 1
    Escape them variables, use prepared statements! – Jite Oct 28 '14 at 11:11
  • @Elias I can't do that specific query can I as it contains variables? I did it with specific ID and username and it went through fine – Ryan Mckenna Oct 28 '14 at 11:12
  • @RyanMckenna `echo` the query strings you are feeding to `mysqli_query` just before/after you call `mysqli_query` to see what the "raw query" is – Elias Oct 28 '14 at 11:15
  • @Elias Yes it went through fine. If I echo the $username and $id4 they're also correct. This is so annoying, it should work!! – Ryan Mckenna Oct 28 '14 at 11:23

1 Answers1

0

After loading the result, you must check if it was successful. Because there is always a possibility that the server has gone away, or there are no free connections available.

If this is the case, then mysqli_query will return false, which appears to be the behaviour you're experiencing.

$username = mysqli_real_escape_string($username);
$id4 = mysqli_real_escape_string($id4);

$stuff_get = mysqli_query($con,
    "SELECT users.id, users.email, users.hash, users.username
     FROM users
     WHERE 
         users.username = '$username' 
         AND users.id=$id4");

if ($stuff_get)
{
    $gotstuff = mysqli_fetch_array($stuff_get, MYSQL_ASSOC);
}
else
{
    throw new \Exception('Could not retrieve result.');
}

(NOTE: I'm escaping your parameters before running the query … just to be sure it's not forgotten when somebody copy/pastes the code. Btw, you could consider switching to prepared statements … much easier to use, and much safer.)

lxg
  • 11,188
  • 11
  • 43
  • 67
  • I think it is to do with the session not starting as it works fine if I'm logged in already, just not when registering! – Ryan Mckenna Oct 28 '14 at 11:19
  • @RyanMckenna: This may be the underlying problem, but your question was about the MySQL query/result, so that's what I answered. – lxg Oct 28 '14 at 15:37