error creating in my controller

error creating in my controller - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: General (https://forum.codeigniter.com/forumdisplay.php?fid=1)
+--- Forum: Lounge (https://forum.codeigniter.com/forumdisplay.php?fid=3)
+--- Thread: error creating in my controller (/showthread.php?tid=71753)

error creating in my controller - kvanaraj - 09-19-2018

Code:
controller

**********

$this->load->model('user_model');          

        $data['appdetails_show'] = $this->user_model->getapp();

Model

Code:
public  function getapp(){

  $response = array();   

  $regno = $this->session->userdata('username');

  $this->db->select('*');

  $this->db->from('appdetpayment');

  $this->db->where('appdetpayment.regno',$regno);  

  $this->db->order_by('appdetpayment.appno');

  $query = $this->db->get();

  return $query->result_array(); 

  }

RE: error creating in my controller - Pertti - 09-19-2018

You didn't actually say where the error is, but looking at the source, you are not validating that username actually exists in session, so $regno could evaluate to 'false' and potentially as result that creates invalid SQL query.

where_in for example is painful method in that sense, it accepts empty array, but then creates "field IN ()" which throws SQL error.

RE: error creating in my controller - davidgv88 - 09-19-2018

Controller (application/controllers/Home.php)

PHP Code:
<?php
defined('BASEPATH') OR exit('No direct script access allowed');

class Home extends CI_Controller {

 public function index()
 {
 $this->load->model('user_model');

 $data = array();

 $regno = $this->session->userdata('username'); 
 $data['appdetails_show'] = $this->user_model->getapp($regno);

 $this->load->view('welcome_message',$data);
 }
} 

Model (application/models/User_model.php)

PHP Code:
<?php
class User_model extends CI_Model {

 public function getapp($regno){
 
 $this->db->select('*');
 $this->db->from('appdetpayment');
 $this->db->where('appdetpayment.regno',$regno);  
 $this->db->order_by('appdetpayment.appno');
 $query = $this->db->get();
 return $query->result_array();

 }

} 

IMPORTANT!! in application/config/autoload.php add database and session libraries. Example:

PHP Code:
$autoload['libraries'] = array('database','session'); 

With this works! Please check the $regno variable in controller. Sometimes can be null and generate a invalid SQL.