XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Modules Support forums / 
  3. Module usage questions 
  4.  / $xoopsDB help please...
Register
1
boner
$xoopsDB help please...

  • 2004/1/6 17:15

  • boner

  • Just popping in

  • Posts: 7

  • Since: 2003/11/29


Guys,

I am developing a module and in one particular page I need to do 4 or more queries to the database. To do this I use...

$result = $xoopsDB->query("blah");
$row = mysql_fetch_array( $result, MYSQL_BOTH );

...repeated several times. I reuse $result each time because I take the value I need and put it in a seperate variable. The first two queries execute fine. The third however does not execute. The wierd thing is, I get no error, and mysql_errno() and mysql_error() return nothing, implying that either the query never ran, or it ran successfully. But I get nothing back. It's almost as though the line performing the query has just been skipped. I'm almost certain this is a curiosity with the $xoopsDB object (or perhaps the way I am incorrectly using it?!) but It's got me beat.

Any help greatly appreciated.

Thanks, Adam.

PS - If it helps: the first two queries are "SELECT FROM ..." type statements and the third and fourth which don't work are "DELETE FROM ...", so I'm not doing anything with the result on the third and fourth run, just dropping it.
2
cmagana
Re: $xoopsDB help please...

  • 2004/1/6 18:03

  • cmagana

  • Not too shy to talk

  • Posts: 131

  • Since: 2003/11/8


For the query DELETE FROM you need change:
$xoopsDB->query("DELETE FROM etc..");
to
$xoopsDB->queryF("DELETE FROM etc..");

You only need to put a F at the end of the $xoopsDB->query

I hope that this works for you. By the way he tell me about your module, of what treats
3
Mithrandir
Re: $xoopsDB help please...

IF you are ABSOLUTELY certain that noone can mess with the variables you use in the DELETE statements, you can use queryF(). queryF() indiscrimantly passes queries through whereas query() will only work with non-SELECT queries if the variables are NOT given through GET - and if the HTTP referrer check passed.
4
boner
Re: $xoopsDB help please...

  • 2004/1/6 18:44

  • boner

  • Just popping in

  • Posts: 7

  • Since: 2003/11/29


Great stuff, thanks for the replies people, that worked a treat. Interestingly, it seems I am violating the very seurity check that this is designed to catch, I am passing somethign using the $_REQUEST super-global, or whatever they call them these days. I'll find a better way to do it.

Does $xoopsDB have any kind of error reporting that I am missing? If so, how would I get hold of it so I can see where it is failing?

Adam.

5
Mithrandir
Re: $xoopsDB help please...

Passing an unsafe ($_GET variables) query to query() will add a "Action not allowed" to the MySQL Debug screen, which is enabled/disabled in System Admin -> Preferences -> General Settings

Instead of using $_REQUEST, I'd say use $_POST and $_GET - whatever is appropriate
6
Dave_L
Re: $xoopsDB help please...

  • 2004/1/6 20:14

  • Dave_L

  • XOOPS is my life!

  • Posts: 2277

  • Since: 2003/11/7


Passing an unsafe ($_GET variables) query to query() will add a "Action not allowed" to the MySQL Debug screen

How does it do that, since XoopsMySQLDatabase::query() has an empty body?

Edit: Looking further, I suppose that the method in the derived class XoopsMySQLDatabaseProxy::query() is being called, instead of XoopsMySQLDatabase::query(). But I still don't see where it's checking for $_GET.
7
Mithrandir
Re: $xoopsDB help please...

The check is in include/common.php where it determines if the database class is a MySQLDatabase or MySQLDatabaseProxy.
8
fatman
Re: $xoopsDB help please...

  • 2004/1/31 0:55

  • fatman

  • Friend of XOOPS

  • Posts: 176

  • Since: 2003/12/13


Does anyone know a work around where the values you're getting are coming by querystring and can't come via _POST ?

I need to have a page which accepts a transaction response from an external api which I have no control over. The data is coming by $_GET and I really need to log it in my database.

this is what I have. returns error 0 - 'action not allowed'

foreach ($_GET as $k=>$v)
{
    $str "$k,$v|";
}
if ( $str == '' )
{
    $str 'executed and nothing received';
}

$sql 'INSERT INTO '.$xoopsDB->prefix('ks_transaction_log');
$sql .= " ( trans_str ) VALUES ('$str')";

print $sql;
$result $xoopsDB->queryF($sql);

9
fatman
Re: $xoopsDB help please...

  • 2004/1/31 1:18

  • fatman

  • Friend of XOOPS

  • Posts: 176

  • Since: 2003/12/13


Found my own fix.. sort of.

A small adjustment to how I execute query solves my problem above.

full code example
foreach ($_GET as $k=>$v)
{
    $str "$k=$v|";
}
if ( $str == '' )
{
    $str 'executed and nothing received';
}

$sql 'INSERT INTO '.$xoopsDB->prefix('ks_transaction_log');
$sql .= " ( trans_str ) VALUES ('$str')";


// *****  this way didn't work
// $result = $xoopsDB->queryF($sql);

// this way did work
if ( $xoopsDB->queryF($sql) )
{
    echo('trans_str logged.');
}

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

116 user(s) are online (71 user(s) are browsing Support Forums)

Members: 0

Guests: 116

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: May 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits