$this in a condition
#1

[eluser]TDSPower[/eluser]
Hello CI developers,

I come again to this board to ask you for some help.

Here is my model:

Code:
...

    function getNews($cat){
        if($cat != "0")
        {
            $this->db->where('id_cat',$cat);
            $output['titre_page'] = $this->getNomCat($cat);
        }
        else
        {
            $output['titre_page'] = 'Toutes les news';
        }
        ...
    }

...

    function getNomCat($idcat){
        $query = $this->db->query('SELECT nom_cat FROM news_categories WHERE id='.$idcat.' LIMIT 1');
        $row = $query->row();
        return $row->nom_cat;
    }
}
...

The line $output['titre_page'] = $this->getNomCat($cat); creates a PHP error (Trying to get property of non-object) if the parameter $cat is not equal to 0 (And doesn't launch this line).

What could be the solution? I can put a @ behind the line but it is too simple :)

Thanks,

François JAGUELIN
#2

[eluser]xwero[/eluser]
what does the line
Code:
$this->db->where('id_cat',$cat);
I think this can be the cause of the error.
#3

[eluser]TDSPower[/eluser]
Thanks for this fast answer.

In fact, in all cases I execute a query, but if $cat!=0, I want to select only rows where id_cat == $cat.

Can't I use a "$this->db->where" in a condition?

Thanks again,

François

EDIT: I have tested without the where, and the error is still here.
#4

[eluser]xwero[/eluser]
Is the category id an existing category id?
#5

[eluser]TDSPower[/eluser]
I am so dumb... You are right!

It's a little bit difficult to start with a framework when you have never used one before...

Sorry for these very "basic" questions.

Thanks,

François.
#6

[eluser]xwero[/eluser]
No problem, now you know you have to make checks for all queries.
You could write the getNomCat query 2 different ways:
Code:
$query = $this->db->query('SELECT nom_cat FROM news_categories WHERE id=? LIMIT 1',array($idcat));
This way will escape the value to prevent SQL attacks. And the other way is using the Active Record class:
Code:
$this->db->select('nom_cat');
$this->db->from('news_categories');
$this->db->where('id',$idcat);
$this->db->limit(1);
$query = $this->db->get();
// or chained (php5)
$query = $this->db->select('nom_cat')->from('news_categories')->where('id',$idcat)->limit(1)->get();
This has the advantage of escaping the values and works with all the supported databases.
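
An added example, not part of the original thread or of CodeIgniter: the bound query from reply #6 combined with the missing-row check that caused the original error, shown next to the concatenated form. It assumes PDO with an in-memory SQLite database as a stand-in for `$this->db` so it runs on its own; the sample rows, the sample inputs and the helper name `getNomCatConcat` are constructed for illustration.

```php
<?php
// Added example: PDO + in-memory SQLite stand in for CodeIgniter's $this->db.
// Table and column names come from the thread; the rows are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE news_categories (id INTEGER PRIMARY KEY, nom_cat TEXT)');
$db->exec("INSERT INTO news_categories (id, nom_cat) VALUES (1, 'Sport'), (2, 'Culture')");

// Concatenated form from the first post: $idcat becomes part of the SQL text.
// A row check is added here only so both functions can be compared.
function getNomCatConcat(PDO $db, $idcat) {
    $query = $db->query('SELECT nom_cat FROM news_categories WHERE id='.$idcat.' LIMIT 1');
    $row = $query->fetch(PDO::FETCH_OBJ);
    return $row === false ? null : $row->nom_cat;
}

// Bound form: the value travels separately from the SQL text, and a missing
// row yields null instead of "Trying to get property of non-object".
function getNomCat(PDO $db, $idcat) {
    // Accept only an int or a string made of digits (validation is an
    // addition of this example, not something the thread prescribes).
    $isDigits = is_string($idcat) && preg_match('/\A[0-9]+\z/', $idcat) === 1;
    if (!is_int($idcat) && !$isDigits) {
        return null;
    }
    $stmt = $db->prepare('SELECT nom_cat FROM news_categories WHERE id = ? LIMIT 1');
    $stmt->execute(array((int) $idcat));
    $row = $stmt->fetch(PDO::FETCH_OBJ);   // false when no row matches
    return $row === false ? null : $row->nom_cat;
}

// Constructed inputs: an existing id, a missing id, and non-numeric text.
$samples = array('1', '999', '0 OR 1=1');
foreach ($samples as $cat) {
    printf("%-10s concat=%-8s bound=%s\n", $cat,
        var_export(getNomCatConcat($db, $cat), true),
        var_export(getNomCat($db, $cat), true));
}
```

The caller still has to handle the null return, for example by falling back to a default page title.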
#7

[eluser]TDSPower[/eluser]
I adopt the first one !

I think it is the easiest way to secure the application.

Thanks again,

François