PHP, MySQL Query not working

Question

Working on a small university project to develop a small php site. Seem to be having a couple of issues. I am a complete newbe when it comes to programming of any kind. I am literately cutting and pasting (From provided scripts) and trying to get things to come together in the way I require.

I seem to be having a problem collecting data from a database query, I already have one on the script which works perfectly. I am trying to add another, however can't seem to get this to work.

http://mkiddr.com/phptests/shopping/category.php?id=2

Currently the category.php is displaying all the products within the category. However I wish for it to also display the category description and you'll see in the following code how I've tried to do this:

 <?php
session_start();
include "conn.php";
include "header.php";

if (isset($_GET['id'])){
    $CategoryID = $_GET['id'];
    $q="SELECT ProductID, ProductName FROM Products WHERE CategoryID=$CategoryID";
    $d="SELECT Desc FROM ProductCategories WHERE CategoryID=$CategoryID";

    $result = mysqli_query($_SESSION['conn'],$q);

    $result2 = mysqli_query($_SESSION['conn'],$d);

    echo "<div>";
    while ($row = mysqli_fetch_row($result)){
        echo "<p><a href='product.php?id=".$row[0]."'>".$row[1]."</a></p>";
    }
    echo "<p>".$result2."</p>";
    echo "</div>";
    mysqli_free_result($result);
}
include "footer.php";
?>

Would appreciate some help!

UPDATED CODE (Still not working)

   <?php
   session_start();
   include "conn.php";
   include "header.php";

 if (isset($_GET['id'])){
$CategoryID = $_GET['id'];
$q="SELECT ProductID, ProductName FROM Products WHERE CategoryID=$CategoryID";
$d="SELECT `Desc` FROM ProductCategories WHERE CategoryID=$CategoryID";

$result = mysqli_query($_SESSION['conn'],$q);
$result2 = mysqli_query($_SESSION['conn'],$d);  

echo "<div>";
while ($row = mysqli_fetch_row($result)){
    echo "<p><a href='product.php?id=".$row[0]."'>".$row[1]."</a></p>";
}
echo "</div>";
mysqli_free_result($result);

//Description
echo "<div>";
while ($result2 = mysqli_fetch_assoc($result2)){
    echo "<p>".$result2[0]."</p>";
   }

   }
  include "footer.php";
  ?>

Answer 1

First remember to fetch the query into an array:

$result2 = mysqli_fetch_assoc($result2);

Since the query is saved into an associative array you should call it in that way $result2['Desc']

<?php
   session_start();
   include "conn.php";
   include "header.php";

 if (isset($_GET['id'])){
$CategoryID = $_GET['id'];
$q="SELECT ProductID, ProductName FROM Products WHERE CategoryID=$CategoryID";
$d="SELECT `Desc` FROM ProductCategories WHERE CategoryID=$CategoryID";

$result = mysqli_query($_SESSION['conn'],$q);
$result2 = mysql_fetch_assoc( mysqli_query($_SESSION['conn'],$d) );  

echo "<div>";
while ($row = mysqli_fetch_row($result)){
    echo "<p><a href='product.php?id=".$row[0]."'>".$row[1]."</a></p>";
}
echo "</div>";
mysqli_free_result($result);

//Description
echo "<div>";
          echo "<p>".$result2['Desc']."</p>";
echo "</div>";

   }
  include "footer.php";
  ?>

Answer 2

One of the errors I've seen is the use of reserved keywords.

The reason why $d is not executing is because column DESC is a reserved keyword from MYSQL. You can delimite it with backtick or supply an alias on the table to make it work, eg

$d="SELECT `Desc` FROM ProductCategories WHERE CategoryID=$CategoryID";

OR

$d="SELECT a.Desc FROM ProductCategories a WHERE CategoryID=$CategoryID";

• MySQL Reserved Keywords List

As a sidenote, the query is vulnerable with SQL Injection if the value(s) of the variables came from the outside. Please take a look at the article below to learn how to prevent from it. By using PreparedStatements you can get rid of using single quotes around values.

• How to prevent SQL injection in PHP?