• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
prepared statements

#1
Hi again.



So I was trying to improve safety in my project by using prepared statements, and it just doesn't seems to work.

would you be so kind as to take a look and see if you find anything out of place?



this is the model function

 

PHP Code:
public static function insert_contactos($data_array)
  {
    $db db_connect();

    $pQuery $db->prepare(function ($db) {
      return $db->table('contactos')
        ->insert([
          'ativo_contacto' => '',
          'nome_contacto' => '',
          'cod_cliente_contacto' => ''
        ]);
    });

    $result $pQuery->execute(
      $data_array['ativo_contacto'],
      $data_array['nome_contacto'],
      $data_array['cod_cliente_contacto']
    );

    return $result;
  

This is the controller function
PHP Code:
  public function insert()
  {
    if ($this->request->isAJAX()) {


      $data_array['ativo_contacto'] = $_POST['ativo_contacto'];
      $data_array['nome_contacto'] = $_POST['nome_contacto'];
      $data_array['cod_cliente_contacto'] = $_POST['cod_cliente_contacto'];


      if (Contactos_model::insert_contactos($data_array)) {
        echo 'success';
      } else {
        echo 'fail';
      }
    }
  

after running in debug mode, i get this exception from

Exception has occurred.
ErrorException: Uninitialized string offset: 1
"C:\xampp\htdocs\pgp4\system\Database\Query.php"



As always, thank you for your time.

Messed with it again by trying a manually built statement, but still hangs on that exception, the thing is it is inserting the data correctly, but it stops afterwards.
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.