• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Update issue (Query Builder Class)

#7
(07-06-2018, 10:33 AM)jreklund Wrote: Okey, my bad. I actually never tested it. Don't know exactly how join works, so here's how you can modify it to disable escaping instead.

https://pastebin.com/A5U7Y0i6
\system\database\DB_query_builder.php
Code:
1788:
public function get_compiled_update($table = '', $reset = TRUE, $escape = NULL)
1793:
if ($this->_validate_update($table, $escape) === FALSE)
1821:
public function update($table = '', $set = NULL, $where = NULL, $limit = NULL, $escape = NULL)
1831:
if ($this->_validate_update($table, $escape) === FALSE)
1863:
protected function _validate_update($table, $escape = NULL)
1872:
$this->qb_from = array($this->protect_identifiers($table, TRUE, $escape, FALSE));

Use it like this:
PHP Code:
$this->db->update('`table1` JOIN `table2` ON `table1id`=`table2id` JOIN `table3` ON `table2id`=`table3id`'$update_dataNULLNULLFALSE); 

I thought about this but I didn't want to modify the system files.

(07-06-2018, 11:44 AM)dave friend Wrote: I couldn't figure out how to disable escaping and it might not be wise to do so anyway.

The solution might be to not use Query Builder and fall back to good old 'query()' with bindings instead.

PHP Code:
$binds = [$valA$valB$valC$acct_id$id,];

$sql "UPDATE table1 
 JOIN table2 ON table1id = table2id 
 JOIN table3 ON table2id = table3id 
 SET colA = ?, colB = ?, ColC = ?
 WHERE table2acct_id = ?
 AND table1id = ?
 AND enabled = 1
 AND checkin_close_time >= UTC_TIMESTAMP()"
;

$result $this->db->query($sql$binds);
echo 
$results "It worked""Did not work"

Yes, this was the alternative that I went with. I just wanted to bring this up in case it was a bug.

Thank you both for your responses.
Reply


Messages In This Thread
Update issue (Query Builder Class) - by ogomez - 07-05-2018, 05:59 PM
RE: Update issue (Query Builder Class) - by ogomez - 07-06-2018, 02:16 PM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme ¬© 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.