mysqli_real_escape_string() expects parameter 1 to be mysqli, null
$idbilik = " ' ". mysqli_real_escape_string($idbilik, $samb) . " ' ";
$result = mysqli_query($samb,"SELECT * FROM bilik
WHERE idbilik=$idbilik");
while($res = mysqli_fetch_array($result))
i did as u say so madam...add the line u gave before $result..but i am getting the error stated above...