• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Call to a member function real_escape_string() on boolean

#1
Hello

I recently started using codeigniter 3.1.6 and I am facing a strange error whenever I use where function of query builder.

Details :

When I hit the query string like below 
select * from user where user_name = "[email protected]" and user_id = 1;
I get the desired result.

When I try to use query builder like below
Code:
   public function get($where = array(), $fields = array(), $groupBy = array(), $offset = 0, $limit = 0)
   {  
       foreach ($where as $key => $value) {
           $this->db_slave->where($key, $value);
       }

       $this->db_slave->select(implode(',', $fields));
       if (isset($offset) && $offset !== 0) {
           $this->db_slave->offset($offset);
       }
       
       if (isset($limit) && $limit !== 0) {
           $this->db_slave->limit($limit);
       }
       
       if (is_array($groupBy)) {
           $this->db_slave->group_by($groupBy);
       }
       
       $query = $this->db_slave->get(self::TABLE_NAME);
       return $query->result_array();
   }
I get an error as

Call to a member function real_escape_string() on boolean in mysqli_driver.php line 391
which has the function as


protected function _escape_str($str)

{

        return $this->conn_id->real_escape_string($str);
}


I am not sure what is causing this problem ... I would really appriciate any help on this.

BTW, When I use query builder to have only primary id on where clause it works without any problem..
The problem is only when there are some strings involved....

The above function is called like 

Code:
    public function check_valid_current_password($current_password)
    {
        $this->CI->load->model('user_model');
        $where['user_email'] = $this->CI->current_user['user_email'];
        //$where['user_password'] = md5($current_password);
        
        $check = $this->CI->user_model->get($where, array('user_id'));

        if (!isset($check[0]['user_id']) || $check[0]['user_id'] == 0) {
            $this->CI->form_validation->set_message(__FUNCTION__, 'Wrong password specified for this user.');
            
            return FALSE;
        }
        
        return TRUE;
    }
From a library I created to extend form validation class.
Reply

#2
1. It probably means your database connection has failed (or was never attempted in the first place).
2. Stop using MD5. Especially for password hashing, use https://secure.php.net/password
Reply

#3
(11-08-2017, 07:20 AM)Narf Wrote: 1. It probably means your database connection has failed (or was never attempted in the first place).
2. Stop using MD5. Especially for password hashing, use https://secure.php.net/password

Hello
Thanks a lot for your reply..
for 2, thanks will make the change

for 1, I understand that the database connection has failed.. which i could confirm by printing $this->conn in mysqli_driver.php file

but not sure why its failing only when there is string in where clause ??
I mean. everything works fine when I select on primary key....

Is it something to do with the sessions library ?? because when I investigated .. before my query a query to sessions table from session library was made.

Kindly help me with this one..

Thanks
Reply

#4
You can use this to test your MySQL connection, do not leave this on a live server...

PHP Code:
<?php

/**
 * Attempt MySQLi server connection. Assuming you are running MySQL
 * server with default setting (user 'root' with no password)
 *
 * Change root for username and password for your server.
 */
$conn mysqli_connect("localhost""root""password");
 
// Check connection
if ($conn === false)
{
 
   exit("ERROR: Could not connect. " mysqli_connect_error());
}
 
// Print host information
echo "Connect Successfully. Host info: " mysqli_get_host_info($conn);

?>
What did you Try? What did you Get? What did you Expect?

Joined the CodeIgniter Community in 2009.          ( Skype: insitfx )
Reply

#5
(11-08-2017, 11:24 PM)kaustubh.agrawal2000 Wrote: but not sure why its failing only when there is string in where clause ??
I mean. everything works fine when I select on primary key....

It's not failing because there's a string in the WHERE clause.
It's the exact opposite - a connection is required to escape the string, and because the connection has failed before that (or was never created in the first place), the escaping of the said string fails.

You're not getting the error on a select() call because there's nothing to escape in there and thus no attempt is made to use the DB connection. That doesn't mean it works fine; it will still fail when the query is actually executed, which happens after you call get().

(11-08-2017, 11:24 PM)kaustubh.agrawal2000 Wrote: Is it something to do with the sessions library ??

No.
Reply

#6
try
$where['user_id'] = '1'; //value in single quote

instead of
$where['user_id'] = 1;

OR

Code:
public function get($where = array(), $fields = array(), $groupBy = array(), $offset = 0, $limit = 0)
   {  
       foreach ($where as $key => $value) {
           $this->db_slave->where($key, (string) $value); //edited
       }
Reply

#7
(11-15-2017, 09:10 AM)identity_one Wrote: try
$where['user_id'] = '1'; //value in single quote

instead of
$where['user_id'] = 1;

Try thinking about a problem before throwing bizzarely random guesses at it.
Reply

#8
(11-09-2017, 05:01 AM)Narf Wrote:
(11-08-2017, 11:24 PM)kaustubh.agrawal2000 Wrote: but not sure why its failing only when there is string in where clause ??
I mean. everything works fine when I select on primary key....

It's not failing because there's a string in the WHERE clause.
It's the exact opposite - a connection is required to escape the string, and because the connection has failed before that (or was never created in the first place), the escaping of the said string fails.

You're not getting the error on a select() call because there's nothing to escape in there and thus no attempt is made to use the DB connection. That doesn't mean it works fine; it will still fail when the query is actually executed, which happens after you call get().

(11-08-2017, 11:24 PM)kaustubh.agrawal2000 Wrote: Is it something to do with the sessions library ??

No.

Hello..
I am not sure what was the actual problem with this.. but it seems to be gone now..
I was creating 2 connections to same MYSQL port (1 for master and 1 for slave... which I planned to change on prduction. but was same on local).. it is that part which was creating the problem..

when I removed that and started using only 1 connection its working like a charm.... Although still not sure what the problem was with that...

Same logic used to work with previous version of Codeigniter that I used.
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


Users browsing this thread:
1 Guest(s)


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2017 MyBB Group.