Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 Programming Discussions
Reload this Page Variable not behaving in query
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 09-03-2007, 02:41 AM
Knippschild Knippschild is offline
 
Join Date: Mar 2007
Posts: 26
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Variable not behaving in query
This is wierd. I have a variable within a string.

Basically I am setting a query string in a variable, then executing that variable.

example:

Code:
		$sbc_ban_query = "INSERT INTO `".TABLE_PREFIX."userban` VALUES ($sbc_poster,$sbc_p_group,$sbc_display,'','0',$sbc_bot_userid,".time().", 0, '$sbc_ban_message')";
			mysql_query($sbc_ban_query);
The problem is, for some reason the $sbc_ban_message is not returning a value during the query, though the variable is set well before it, so it's returning a BLANK value, so there's no ban reason at all.

I got very confused by this and had it PM me the query. To my surprise the message WAS there and I never changed the value of the query string. I even ran the query to PHPmyAdmin and it executes correctly with all the correct values.

I can't figure out why the query string is "apparently" blank before the query, but when I echo/PM it to myself, it's all visible.

Is there something I am totally missing?
Reply With Quote
  #2  
Old 09-03-2007, 06:19 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Are you using a vBulletin-backend on this? If you are, you should use the vBulletin DB class.
Reply With Quote
  #3  
Old 09-03-2007, 06:21 AM
Dean C's Avatar
Dean C Dean C is offline
 
Join Date: Jan 2002
Location: England
Posts: 9,071
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I really hope you're not doing what I think you're doing when you say this: "Basically I am setting a query string in a variable, then executing that variable.".

It sounds like you're extracting request parameters using extract($_REQUEST); and then using the approriate request string, directly in your query, which is a security disaster!
Reply With Quote
  #4  
Old 09-03-2007, 06:23 AM
Knippschild Knippschild is offline
 
Join Date: Mar 2007
Posts: 26
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
no, what i'm doing is setting all the preset variables that are already sanitized into one variable, then doing a query on $query.

what's the difference between mysql_query(); and using the db class?
Reply With Quote
  #5  
Old 09-03-2007, 08:44 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
'$sbc_ban_message'

Variables do not work inside single-quotes.
Reply With Quote
  #6  
Old 09-03-2007, 09:18 AM
Opserty Opserty is offline
 
Join Date: Apr 2007
Posts: 4,103
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Marco van Herwaarden View Post
'$sbc_ban_message'

Variables do not work inside single-quotes.
He has it in double quotes the single-quotes are for MySQL.

Dump the $sbv_ban_message just before the query and exit the script before the query is run, then you can see weather it is the query or the actual variable that is wrong.

I think you should use the INSERT INTO `table` (`cols`) VALUES ('values') so that you can ensure the values are being set in the right column, it maybe you have mixed up the order and the message isn't being inserted into the right column and so it appears as though it hasn't been entered.

(Like dismounted said if you are using the vBulletin backend use the vB database class here is an article about using it: https://vborg.vbsupport.ru/showthread.php?t=119350)
Reply With Quote
  #7  
Old 09-03-2007, 03:26 PM
Knippschild Knippschild is offline
 
Join Date: Mar 2007
Posts: 26
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
It's not a col problem or a variable not evaluation problem.. because I have it PM me the value of the query string and the ban reason IS there. I even run it through PHPmyAdmin and it executes properly, it's jut wierd because I make no changes to it before having it PM me the value. I'll try switching over to the $db-> class

I think I got the problem figured out. I had the plugin switch the user's usergroup to a "is banned usergroup".. apparently moving them to a banned usergroup adds a ban for them too, so it was trying to insert when something already was there.

I made it ban the user before changing usergroup and seems to work now.
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 12:39 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.09236 seconds
  • Memory Usage 2,217KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_code
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (7)post_thanks_box
  • (7)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (7)post_thanks_postbit_info
  • (7)postbit
  • (7)postbit_onlinestatus
  • (7)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete