ahmed dinar
asked on
trying to get property of non-object
i have a problme in my php code .. trying to get property of non object ..this is the code .
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "job_database";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error)
{
die("Connection failed: " . $conn->connect_error);
}
if(isset($_POST['Get']))
{
$jtitle = $_POST['jobtitle'];
$location = $_POST['location'];
$category = $_POST['categories'];
//Query specified database for value
$sql = "SELECT jtitle , location, category FROM addjob where jtitle =".$jtitle." AND location =".$location." AND category =".$category." " ;
$result = $conn->query($sql);
}
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "jtitle: " . $row["jtitle"]. "location:" . $row["location"]. "category" . $row["category"]."<br>";
}
} else {
echo "0 results";
}
$conn->close();
?>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Also, last note - your code is susceptible to SQL injection. Make sure you either run mysqli_real_escape_string on your variables BEFORE you use them in your query:
http://php.net/manual/en/mysqli.real-escape-string.php
...or use prepared statements:
http://php.net/manual/en/mysqli.quickstart.prepared-statements.php
Either approach will fix this vulnerability.
http://php.net/manual/en/mysqli.real-escape-string.php
...or use prepared statements:
http://php.net/manual/en/mysqli.quickstart.prepared-statements.php
Either approach will fix this vulnerability.
If this question is going to be closed, the answer to the original problem is addressed by Olaf in answer
#42520465. He should get full points.
#42520465. He should get full points.
Also, @mohan, the query syntax is not wrong. It works either way (and your suggested way actually performs a tiny bit worse). If you are going to suggest the OP's code is wrong, please test it first to make sure you are right before making that suggestion.
Your write like this
Open in new window
Do like this
Open in new window