Asked  9 Months ago    Answers:  5   Viewed   56 times

I am trying to get all my results from a database into and array:

$sql = "SELECT * FROM posts WHERE user = ?";

if($stmt = mysqli_prepare($link, $sql)){
    // Bind variables to the prepared statement as parameters
    mysqli_stmt_bind_param($stmt, "i", $param_username_int);

    // Set parameters
    $param_username_int = $user;

    // Attempt to execute the prepared statement




    // Close statement

When I try to fetch the results with this line:


I am expecting to get results into an array.

I get this error:

mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, object given



From the docs:

It is unnecessary to call mysqli_stmt_store_result() for other queries, but if you do, it will not harm or cause any notable performance loss in all cases.

Do you really need to use mysqli_stmt_store_result? If so, you need to bind variables and then get your data using mysqli_stmt_fetch, like so:

$stmt->bind_result($postTitle, $postContent); //or whatever your db fields are

while ($stmt->fetch()) {
    printf ("%s (%s)n", $postTitle, $postContent); //loop through all returned rows and display the post title and content

If not, you can use mysqli_stmt_get_result and then call mysqli_fetch_assoc on the result, like so:

$result = mysqli_stmt_get_result($stmt); //get result object
while ($row = mysqli_fetch_assoc($result)){ //get associative array

    /*Do whatever you want with result set here*/


Hope this helps!

Wednesday, March 31, 2021
answered 9 Months ago

Since you are using Wordpress, I advise you to use their $wpdb global object which you can use by first calling it globally: global $wpdb;. Then you will have functions to use like $wpdb->get_results( 'query', output_type ); instead of the mysqli functions. See the WP codex

But if you would like to use mysqli_ functions you still can use $wpdb which have a mysqli object which you can access by: $wpdb->dbh. That will be your mysqli connection object that you need for mysqli_ functions.

To apply this to your code:

// Add Signature Image after single post and page
add_filter('the_content','add_signature', 1);
function add_signature($text) {
    global $post, $wpdb;
    if(($post->post_type == 'post') || ($post->post_type == 'page')){
        //$sql_site_d = "select * from orders_discounts";
        $sql_site_d = "select * from orders_discounts where url = '' and status =1";

        $rs_results_site_d = mysqli_query($wpdb->dbh, $sql_site_d) or die(mysqli_error($wpdb->dbh));
        $total_site_d = mysqli_num_rows($rs_results_site_d);
        if ($total_site_d > 0){
            $row_site_d = mysqli_fetch_array($rs_results_site_d);  

Modified lines:

Line 4: global $post, $wpdb;

Line 9: $rs_results_site_d = mysqli_query($wpdb->dbh, $sql_site_d) or die(mysqli_error($wpdb->dbh));

Saturday, May 29, 2021
answered 7 Months ago

yo need create the user "pma" in mysql or change this lines(user and password for mysql):

/* User for advanced features */
$cfg['Servers'][$i]['controluser'] = 'pma'; 
$cfg['Servers'][$i]['controlpass'] = '';

Linux: /etc/phpmyadmin/

Tuesday, July 13, 2021
answered 5 Months ago

The problem here is not the upgrade in PHP version, but the fact that it failed to actually open the file in question.

fopen returns either a resource on success or false on failure:

$data ="<html><table><tr><td>test</td></tr></table></html>"; 
// Make sure we have a / or  between the path and the filename
$fileName = rtrim($path, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . "test.xls";
$file = fopen($fileName,"w");
if ($file === false) {
   echo "opening '$fileName' failed";

if (fwrite($file, $data)){       
   echo $fileName;

So you need to figure out why it can't open it in the first place. Perhaps a problem with your $path? Does it end with a (or / on linux)? Does the actual path exist. Is it actually set (given that it wasn't added to your code here it might just as well be empty as far as we know)

Wednesday, August 25, 2021
answered 4 Months ago

This is how your code should look (with added SQL Injection protection):

include "dbinfo.php"; //contains mysqli_connect information (the $mysqli variable)
$name = mysqli_real_escape_string($_GET['name']);
$text = mysqli_real_escape_string($_GET['text']);

$sqlqr = "INSERT INTO `ncool`.`coolbits_table` (`name`, `text`, `date`) VALUES ('" . $name . "', '" . $text . "', CURRENT_TIMESTAMP);";

mysqli_query($mysqli,$sqlqr); //function where the magic happens.

Take a look at what I've done. Firstly I've escaped the user input you're retrieving into the $name and $text variables (this is pretty much a must for security reasons) and as others have suggested you should preferably be using prepared statements.

The problem is that you weren't surrounding string values with single quotes ('), which is a requirement of the SQL syntax.

I hope this helps to answer your question.

Thursday, September 2, 2021
answered 3 Months ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :