- first thing i did escaping the string that’s going to be passed to the query to prevent SQL Injection but this might help but not giving you full protection consider using prepared statement’s.
- you are trying to output the
mysqli_query()
result as a string you cannot do that you have to fetch the data from the result to some kind of array then fetch it usingwhile
loop. to fetch those data you needmysqli_fetch_assoc()
function. - feel free to change the column name to whatever you want from clubID to clubName for example if you have column name named clubName you can also put them side by side if you want to output all column data but in your
select
statement you have to fetch*
data to be able to do that any way copy and paste the following code and let us know what happens. {}this is to be able to use single qoute in the double qoute to fetch the data from the array if you don’t do that the variable won’t expand.
.
<?php
session_start();
$email = mysqli_real_escape_string($link,$_SESSION["email"]);
echo $email;
$sqlget = "SELECT clubID FROM users WHERE email="$email"";
$sqldata = mysqli_query($link, $sqlget) or die('error');
while($sqloutput=mysqli_fetch_assoc($sqldata)){
echo "{$sqloutput['clubID']}</br>";
}
?>
solved How to use a php variable in a query to SELECT something WHERE thing = $thing? [closed]