General Community > Scripting Help
Database Query Problem
K@:
--- Quote from: The Wizard on July 25, 2012, 02:05:41 PM ---Thanks K
--- End quote ---
Suki:
--- Quote from: The Wizard on July 25, 2012, 02:07:08 PM ---Ok so here is the final product - I hope fingers crossed :)
--- Quote ---function onUse() {
global $smcFunc;
$result = $smcFunc['db_query']('', '
UPDATE {$db_prefix}members
SET shop_Flag = {string:flag}
WHERE id_member = {int:id_member}
array(
'id_member' => $message['member']['id'],
'limit' => 1,
'flag' => $_POST['flag'],
)
);
}
--- End quote ---
--- End quote ---
OK, the query looks good but, there are some flaws, for example, you don't check your $_POST var, as it is I can enter whatever I want on the text field:
flag: 1234567
and your function will store that on your database, this is not a good thing, first thing you need to do is check if the var is actually full:
--- Code: ---
if (!empty($_POST['flag']))
{
$result = $smcFunc['db_query']('', '
UPDATE {$db_prefix}members
SET shop_Flag = {string:flag}
WHERE id_member = {int:id_member}
array(
'id_member' => $message['member']['id'],
'limit' => 1,
'flag' => $_POST['flag'],
)
);
}
--- End code ---
or since you are actually using a function, you can also pass a var to it:
onUse($_POST['flag']);
--- Code: ---function onuse($flag)
{
if (!empty($flag))
{
$result = $smcFunc['db_query']('', '
UPDATE {$db_prefix}members
SET shop_Flag = {string:flag}
WHERE id_member = {int:id_member}
array(
'id_member' => $message['member']['id'],
'limit' => 1,
'flag' => $flag,
)
);
}
else
return false;
}
--- End code ---
Best way to learn is to check other mods and see how they perform their queries.
The Wizard:
I'm taking that big thumbs up to mean I got it right.
So now here is the last of my changes -
Orginal code:
--- Quote ---if (file_exists(dirname(__FILE__) . '/SSI.php') && !defined('SMF'))
require_once(dirname(__FILE__) . '/SSI.php');
// Hmm... no SSI.php and no SMF?
elseif (!defined('SMF'))
die('<b>Error:</b> Cannot install - please verify you put this in the same place as SMF\'s index.php.');
//The Flag field in the member table
db_query("ALTER TABLE `{$db_prefix}members` ADD `shop_Flag` TEXT NOT NULL", __FILE__, __LINE__);
//Add the item :)
db_query("INSERT INTO `{$db_prefix}shop_items` (`name` , `desc` , `price` , `module` , `stock`, `input_needed`, `can_use_item`) VALUES ('Profile Image', 'Show an image next to your posts', '100.00', 'Flag', '50', 1, 1)", __FILE__, __LINE__);
--- End quote ---
My Code:
--- Quote ---if (file_exists(dirname(__FILE__) . '/SSI.php') && !defined('SMF'))
require_once(dirname(__FILE__) . '/SSI.php');
// Hmm... no SSI.php and no SMF?
elseif (!defined('SMF'))
die('<b>Error:</b> Cannot install - please verify you put this in the same place as SMF\'s index.php.');
//The Flag field in the member table
$smcFunc['db_query']('', 'ALTER TABLE `{$db_prefix}members` ADD `shop_Flag` TEXT NOT NULL', __FILE__, __LINE__);
//Add the item :)
$smcFunc['db_query']('', 'INSERT INTO `{$db_prefix}shop_items` (`name` , `desc` , `price` , `module` , `stock`, `input_needed`, `can_use_item`) VALUES ('Profile Image', 'Show an image next to your posts', '100.00', 'Flag', '50', 1, 1), __FILE__, __LINE__);
--- End quote ---
Please tell me I'm starting to understand this?
The Wizard:
Ok I have tryed to run this and I'm getting a problem form this part of the code -
--- Quote ---//Add the item :)
$smcFunc['db_query']('', 'INSERT INTO `{$db_prefix}shop_items` (`name` , `desc` , `price` , `module` , `stock`, `input_needed`, `can_use_item`) VALUES ('Profile Image', 'Show an image next to your posts', '100.00', 'Flag', '50', 1, 1)'', __FILE__, __LINE__);
--- End quote ---
But I just don't see where the problem is does anybody?
The Wizard:
Forgot This is the error I'm getting:
--- Quote ---Parse error: syntax error, unexpected T_STRING in /Packages/temp/ProfileImage_Item_0.1/installScript.php on line 12
--- End quote ---
Navigation
[0] Message Index
[*] Previous page
Go to full version