mysqli_real_escape_string() expects parameter 1 to be mysqli, null

$idbilik = " ' ". mysqli_real_escape_string($idbilik, $samb) . " ' ";
$result = mysqli_query($samb,"SELECT * FROM bilik
WHERE idbilik=$idbilik");
while($res = mysqli_fetch_array($result))

i did as u say so madam...add the line u gave before $result..but i am getting the error stated above...

The error Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean means that your PHP code is expecting a MySQL result set, but instead it's getting a boolean (TRUE / FALSE). This happens when your MySQL query fails due to an error and it returns FALSE on failure.

If your query is "SELECT * FROM bilik WHERE idbilik=$idbilik" then most likely it's failing because you are not properly sanitizing the variable $idbilik. It's extremely important to always sanitize any variables you pass into a database query!!

Before the $result = ... line of your code, add the following:

$idbilik = "'" . mysql_real_escape_string($idbilik, $samb) . "'";
commented: thank u very much....understood madam.... +0
Be a part of the DaniWeb community

We're a friendly, industry-focused community of 1.18 million developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.