0

the problem= in my code i get the id of a person out of the database, then i fetch it and then i put it on another table in the database. so first this i get the id out of the database:

$patientid = mysqli_query($connection, "SELECT id FROM patient WHERE     `naam` = '$naam' AND `adres` = '$adres'");

then i fetch it:

$patientid1 = mysqli_fetch_assoc($patientid);

then i put it in another table:

$toevoegen = mysqli_query($connection, "INSERT INTO factuur (`soort`, `hoelang`, `titel`, `omschrijving`, `datum_aangemaaktfactuur`, `patient_id`, `artsid`)
        VALUES ('$soort', '$hoelang', '$titel', '$omschrijving', '$datum', '$patientid1', '$artsid1')");

then when i run the code i get this notice: Notice: Array to string conversion. how do i solve this? i have looked at other questions but they have the same error but different code. i dont even have an array in my code! thanks

ps: if i replace $patientid1 with an number it works perfectly.

Improve this question
6
  • you need to use $patientid1['id'] Commented Feb 18, 2017 at 12:39
  • 1
    Please don't use this code at all. It is wide open for all kind of sql-Injections. Commented Feb 18, 2017 at 12:41
  • @Oliver i'm new to this, we will learn how to program safe in the next year. Commented Feb 18, 2017 at 12:49
  • @NiekBrouwer if this code never comes live, everything is fine. Just keep it in mind :-) Commented Feb 18, 2017 at 12:58
  • "we will learn how to program safe in the next year" - It might be too late by then; do it now while you still have a database to work with. Commented Feb 18, 2017 at 14:05

1 Answer 1

Reset to default
2

mysqli_fetch_assoc returns an associative array with selected fields as keys and column values as values.

You should modify code as follows

$patientRow = mysqli_fetch_assoc($patientid);
$patientId = $patientRow['id'];

Remember that for non unique results, you should iterate over whole result set like

while ($patientRow = mysqli_fetch_assoc($patientid)) {
    $patientId = $patientRow['id'];
    // other actions here
}

Last but not least, pay attention to $naam and $naam: use prepared statement instead will be definitely safer

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.