Welcome Guest, Not a member yet? Register   Sign In
[SOLVED] Losing variable values when passed to library
#1

[eluser]Armchair Samurai[/eluser]
Here's the situation: when I pass variable to a library, for some reason CI seems to 'lose track' of them when passed through CI's $this->db->escape() function. I've never seen this behavior before from CI, so I'm stumped. I created a simple test using echos:

Code:
function login($user, $pw)
{
    $ci =& get_instance();

    echo "$user:$pw<br>";
    
    $ci->db->select('password');
    $ci->db->where('name', $user);
    $query = $ci->db->get('kp_users', 1);

    echo $ci->db->last_query().'<br>';
        
    $sql = "SELECT password
            FROM kp_users
            WHERE name = ?
            LIMIT 1";
    $query = $ci->db->query($sql, array($user));

    echo $ci->db->last_query().'<br>';

    $temp = $ci->db->escape($user);
    $sql = "SELECT password
            FROM kp_users
            WHERE name = $temp
            LIMIT 1";
    $query = $ci->db->query($sql);

    echo $ci->db->last_query().'<br>';
        
    $sql = "SELECT password
            FROM kp_users
            WHERE name = '$user'
            LIMIT 1";
    $query = $ci->db->query($sql);

    echo $ci->db->last_query();
    echo "<br>$user:$pw";
    exit;
}

produces this:
Code:
foo:bar
SELECT password FROM kp_users WHERE name = '' LIMIT 1
SELECT password FROM kp_users WHERE name = '' LIMIT 1
SELECT password FROM kp_users WHERE name = '' LIMIT 1
SELECT password FROM kp_users WHERE name = 'foo' LIMIT 1
foo:bar

I echoed the variables initially to makes sure the function was receiving them, and that was okay. If the data is not escaped through CI, it's fine, but otherwise produces empty strings. Both variables are simple alpha numeric strings.

Any ideas? I'm getting close to the point where I'm going to scrap this library (it was one the first things I coded in CI well over a year ago and hence, looking back, somewhat cringe worthy) and integrate an alternate version, but that would be a lot of work.
#2

[eluser]tonanbarbarian[/eluser]
If you are saying you built this library for CI over a year ago which version of CI is the code using?
#3

[eluser]gtech[/eluser]
i used CI 1.5.3 on windowsXP, using xampp (apache and mysql) with php5.2.1 and I tried the following (i already had a users database)

test controller
Code:
function start($user='foo',$pw='bar')
  {
    $ci =& get_instance();

     echo "$user:$pw<br>";
    
    $ci->db->select('password');
    $ci->db->where('name', $user);
    $query = $ci->db->get('users', 1);

    echo $ci->db->last_query().'<br>';
        
    $sql = "SELECT password
            FROM users
            WHERE name = ?
            LIMIT 1";
    $query = $ci->db->query($sql, array($user));

    echo $ci->db->last_query().'<br>';

    $temp = $ci->db->escape($user);
    $sql = "SELECT password
            FROM users
            WHERE name = $temp
            LIMIT 1";
    $query = $ci->db->query($sql);

    echo $ci->db->last_query().'<br>';
        
    $sql = "SELECT password
            FROM users
            WHERE name = '$user'
            LIMIT 1";
    $query = $ci->db->query($sql);

    echo $ci->db->last_query();
    echo "<br>$user:$pw";
    exit;
  }

RESULTS

Code:
foo:bar
  SELECT password FROM users WHERE name = 'foo' LIMIT 1
  SELECT password FROM users WHERE name = 'foo' LIMIT 1
  SELECT password FROM users WHERE name = 'foo' LIMIT 1
  SELECT password FROM users WHERE name = 'foo' LIMIT 1
  foo:bar

so it worked for me, don't know if this helps you at all?
#4

[eluser]Armchair Samurai[/eluser]
@tonanbarbarian: to be honest, I'm not sure, but I've been upgrading CI with every official release (including 1.5.4 when it was released a while ago) with no issues.

@gtech: you might be on to something, although I can't wrap my brain around it at the moment - I'm using MAMP with PHP5.2.3 locally and the code works flawlessly. The server OTOH is burdened with PHP4.3.9, but I'm not sure how that would cause the bug which seems to be occurring here. Insights appreciated.
#5

[eluser]tonanbarbarian[/eluser]
I was only asking about CI versions in case you were still using CI 1.5.3 in which case I was going to suggest looking at the core code in 1.5.3 to see if the issue is there.

But since gtech has got it to work in 1.5.3 it seems like it might be your version of php that is the issue.

However I think I might have a solution

After looking into the CI core code I found the following
$this->db->escape will call $this->db->escape_str
$this->db->escape_str is specified in each different database library
For MySQL $this->db->escape_str uses the PHP mysql_real_escape_string function if it exists, which it should for you because it was introduced in PHP 4.3.0

Now mysql_real_escape_string uses a database connection to connect to the mysql server and get it to return the escaped string using an internal MySQL function call.
If the connection does not exist mysql_real_escape_string attempts to make its own connection.
mysql_real_escape_string returns the escaped string or false it there was an error, like an invalid connection

So I think there is an issue with the database connection and mysql_real_escape_string is returning false.
Because if you do the following (which is sort of what $this->db->escape will be doing
Code:
echo "'".false."'"
you will get
Code:
''
because if you convert the boolean FALSE to a string type you get an empty string

So check that your database connection is valid in the code
Make sure that you have actually connected to the database and performed a simple query.
I am guessing the issue may be that the config for the database is not correct but I could be wrong

hope this points you in the right direction
#6

[eluser]Armchair Samurai[/eluser]
@tonanbarbarian: Thanks for that. As it turns out, this proved to be the simplest problem - a typo in the DB password. Aside from my general thick-headedness, I think this is an indication that I should try and get more than four hours sleep a night. I swear I looked at the DB config file for a long time I didn't spot the difference.

You sir, are entitled to a Virtual Beverage. Enjoy! Smile




Theme © iAndrew 2016 - Forum software by © MyBB