Welcome Guest, Not a member yet? Register   Sign In
is it a normal Active Record bahaviour?
#1

[eluser]brazilius[/eluser]
This piece of code
Code:
$data=array(
            'email'    =>    $this->session->userdata( 'email' ),
        'password'    =>     $this->session->userdata( 'password' ),
        'active' => 1
        );
$this->db->get_where('users',$data);
echo $this->db->last_query();
if userdata for email and password wasn't set
both values would be FALSE
and query would be
SELECT * FROM (`users`) WHERE `email` = 0 AND `password` = 0 AND `active` = 1
and all rows with active = 1 are selected (i can't get why)

and if you use mysql_real_escape_string on both values from session
you get the right query
SELECT * FROM (`users`) WHERE `email` = '' AND `password` = '' AND `active` = 1

is it a right behaviour or a bug&
#2

[eluser]xwero[/eluser]
If the session data doesn't exist it returns false which php interprets as 0. the mysql_real_escape_string probably will check the type too. I'm not sure if the class escaping mechanism does that.
#3

[eluser]brazilius[/eluser]
and why
`email` = 0 AND `password` = 0
is TRUE?
#4

[eluser]xwero[/eluser]
What kind of output do you have if you return the rows?
#5

[eluser]brazilius[/eluser]
it selects all rows with active=1 with any password and email
#6

[eluser]xwero[/eluser]
I got no clue why that happens but it seems more a mysql bug than a AR bug.




Theme © iAndrew 2016 - Forum software by © MyBB