XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Community Support forums / 
  3. Q and A 
  4.  / Weird problem
Register
1
wtravel
Weird problem

I tried to run the following code within a function, but it will not execute. It seems to be a valid SQL query though.

$sql = "DELETE FROM ".$xoopsDB->prefix("weblinks_links")." WHERE lid = 4";
$xoopsDB->query($sql) or $eh->show("0013");

It does not do anything and causes the rest of the code not to be executed either.

What may cause the query for not working?

Kind regards,

Martijn
2
robekras
Re: Weird problem

  • 2003/12/14 13:20

  • robekras

  • Documentation Writer

  • Posts: 187

  • Since: 2002/12/10


If the $xoopsDB is an object of class XoopsMySQLDatabaseProxy
only select commands are allowed (for security reasons).
Take a look at class/database/mysqldatabase.php

You can check this with the following:
Quote:

$html = get_class ($xoopsDB);
echo "objects class is " . $html . "<br />" ;


But I have no idea how to work around this.

3
wtravel
Re: Weird problem

In weblinks/admin.index.php it is possible to delete a link in the approval process. That query does work, and I have the same include lines at the top of my php file.

So I wonder how the delete queries can be executed.

Regards,

Martijn
4
Mithrandir
Re: Weird problem

How do you get the lid variable? From a $_GET parameter? If the variables are NOT from a POST form or otherwise fetched, the db->query() function will only perform SELECT commands and nothing else.

If you have a very big desire to use $_GET variables in INSERT, UPDATE or DELETE statements, you can use db->queryF() instead - but BEWARE and only do it if you have NO other alternative.
5
wtravel
Re: Weird problem

Great! Thanks for your help. I will use the QueryF function then and only use it in the admin section which has a good security check.

In weblinks/admin/index.php the delete query uses $_GET parameters in combination with db->query(). How can I use the same method?
Quote:
$sql = sprintf("DELETE FROM %s WHERE lid = %u", $xoopsDB->prefix("weblinks_links"), $HTTP_GET_VARS['lid']);

Kind regards,

Martijn

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

141 user(s) are online (87 user(s) are browsing Support Forums)

Members: 0

Guests: 141

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Apr 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits