General Community > Scripting Help

Database Query Problem

(1/3) > >>

The Wizard:
Hello:

I'm working on a SMF Shop mod and I need to update the bit of code to work on SMF 2.0.2
I'm still learning php and trying to understand the changes in the code from SMF 1.x to SMF 2.0.2
Could someone fix this code and explane why it won't work with SMF 2.0.2? I really want to understand the changes.

Thanks

Wiz


--- Quote --- //BEGIN SMFShop Profile Images Item 0.1 Beta
            global $db_prefix, $boardurl;
            $result_flag = db_query("SELECT shop_Flag
                                     FROM {$db_prefix}members
                                     WHERE ID_MEMBER = {$message['member']['id']}
                                     LIMIT 1", __FILE__, __LINE__);
            $row_flag = mysql_fetch_array($result_flag, MYSQL_ASSOC);
           
            if($row_flag['shop_Flag'] !== "") {
                echo "Flag: <img src='{$boardurl}/Sources/shop/flag_images/{$row_flag['shop_Flag']}'><br>";
            }
--- End quote ---

Suki:
Hi, SMF 2.0 uses a framework/set of functions to perform queries: http://www.simplemachines.org/community/index.php?topic=224166.0

on you specific case:


--- Code: ---//BEGIN SMFShop Profile Images Item 0.1 Beta
global $smcFunc;

$flag = '';

$request = $smcFunc['db_query']('', '
SELECT shop_Flag
FROM {db_prefix}members
WHERE id_member = {int:id_member}
LIMIT {int:limit}',
array(
'id_member' => $message['member']['id'],
'limit' => 1,
)
);

while ($row = $smcFunc['db_fetch_row']($request))
$flag = $row['shop_Flag'];

if (!empty($flag))
$context['my_mod']['flag'] = $flag;

--- End code ---

Do note how the casting array is used to pass the values instead of hardcoding them on the query itself.

The Wizard:
Thank you Suki

The Wizard:
@Suki - Could you check this code and tell me if I did it right?

Thanks

Wiz


Orginal Code:


--- Quote ---function onUse() {
        global $db_prefix, $ID_MEMBER;
       
        $result = db_query("UPDATE {$db_prefix}members
                            SET shop_Flag = '{$_POST['flag']}'
                            WHERE ID_MEMBER = {$ID_MEMBER}",
                            __FILE__, __LINE__);

        return "Successfully set your flag image to {$_POST['flag']}!";
    }
--- End quote ---

Wizards Try:


--- Quote ---function onUse() {
        global $smcFunc;

        $result = $smcFunc['db_query']('', '
      UPDATE {$db_prefix}members
      SET shop_Flag = '{$_POST['flag']}'
       WHERE id_member = {int:id_member}
       LIMIT {int:limit}',
       array(
          'id_member' => $message['member']['id'],
          'limit' => 1,
       )
    );
       return "Successfully set your flag image to {$_POST['flag']}!";
    }
--- End quote ---

Suki:
Not quite like that.

Just like the other cases, you need to cast that var on the casting array:

SET shop_Flag = {string:flag}


array(
          'id_member' => $message['member']['id'],
          'limit' => 1,
          'flag' =>  $_POST['flag']
       )

Of course you need to properly sanitize all your $_POST superglobals and make sure they contain exactly what you want them to contain. On this case the LIMIT is redundant since the WHERE argument pretty much narrows the query down to just 1 entry.

Navigation

[0] Message Index

[#] Next page

Go to full version