Invalid value inserted or no type specified. - Please Help

Started by aarontharker, November 25, 2014, 05:28:17 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

aarontharker

November 25, 2014, 05:28:17 AM Last Edit: November 25, 2014, 06:06:28 AM by aarontharker
I'm trying to write a little mod to display and update some student information and a query in one of my functions is driving me crazy.  I hoping a fresh set of eyes will be able to tell me where I'm going wrong as it has been a long time since I did any serious PHP coding.

An example of the POST data it would be receiving is Joe.Smith-5707010000

Code Select
$studentID=substr(strstr($_POST['enrollStudent'], '-'), 1);
$studentName=strstr($_POST['enrollStudent'], '-', true);


$student = $smcFunc['db_query']('', '
SELECT {db_prefix}themes.id_member
FROM {db_prefix}themes
INNER JOIN {db_prefix}members
ON {db_prefix}themes.id_member = {db_prefix}members.id_member
WHERE {db_prefix}themes.id_member = {person} AND {db_prefix}members.real_name = {name}',
array(
'person' => $studentID,
'name' => $studentName,
)
);

while ($row = $smcFunc['db_fetch_assoc']($student)){
$EID = $row;
}

When I call the function I get "An Error has Occured - Invalid type inserted or no type specified."  Any ideas?

Arantor

#1
November 25, 2014, 06:57:43 AM
{person} and {name} are not valid. You have to indicate their type, e.g. {int:person} and {string:name}

Though I would encourage at least doing some validation on $_POST['enrollStudent'], and I would perhaps do it like so:
Code Select
list ($studentName, $studentID) = !empty($_POST['enrollStudent']) ? explode('-', $_POST['enrollStudent']) : array('', 0);
$studentID = (int) $studentID;

I also seem to recall that you might need a call to $smcFunc['htmlspecialchars'] on the display name, I can't remember exactly what SMF does on that but I know it does something on display names.

aarontharker

#2
November 25, 2014, 08:28:41 AM
Thanks heaps for that and yes I will do the validation.  I tend to get it all working properly before I put in the validation.  It reduces the places where I have to look for mistakes when things don't work properly :)

Arantor

#3
November 25, 2014, 08:33:11 AM
Speaking as a veteran, I'd suggest putting in the validation as you go - so you don't forget. That's been known to happen to me ;)

aarontharker

#4
November 25, 2014, 09:28:53 AM
It's normally the last thing I do on each function once I know it is doing what I want.  But I always do it before starting the next function so I don't miss it :)
Print
Go Up Pages1
User actions
Advertisement: