I'm creating a snippet that updates json string into mysql.
The problem is that json contains " -charachters
but i cant get it to either run trogh php or run trough sql, always mismatch of the ' charachters:
$save_string='[{"page_id": "'.$pid.'", "viewed": "'.$pvalue.'"}]';
$save_string=addslashes($save_string);
$sql='UPDATE '.TABLE_PREFIX.'users SET checked_content='.$save_string.' WHERE user_id='.$uid;
$results = $database->query( $sql );
$retval.= $results.$sql;
$retval.= '<br>päivitetty';
-Fatal error: Call to a member function query() on a non-object in /var/www/verkkokurssi/modules/droplets/droplets.php(37) : eval()'d code on line 12
$sql='UPDATE '.TABLE_PREFIX.'users SET checked_content=''.$save_string.'' WHERE user_id='.$uid;
Parse error: syntax error, unexpected ''.$save_string.'' (T_CONSTANT_ENCAPSED_STRING) in ....droplets.php(37) : eval()'d code on line 41
$sql='UPDATE '.TABLE_PREFIX.'users SET checked_content=\''.$save_string.'\' WHERE user_id='.$uid;
Fatal error: Call to a member function query() on a non-object in /var/www/verkkokurssi/modules/droplets/droplets.php(37) : eval()'d code on line 12
$sql='UPDATE '.TABLE_PREFIX.'users SET checked_content=\\''.$save_string.'\\' WHERE user_id='.$uid;
Parse error: syntax error, unexpected ''.$save_string.'' (T_CONSTANT_ENCAPSED_STRING) in /var/www/verkkokurssi/modules/droplets/droplets.php(37) : eval()'d code on line 41
So what does it take to get it in to the system?!!
Working sql made manually and run into sql console:
UPDATE wbakervk1_users SET checked_content='[{\"page_id\":\"1\",\"viewed\":\"1\"},{\"page_id\":\"2\",\"viewed\":\"0\"},{\"page_id\":\"13\",\"viewed\":0}]' WHERE user_id=1
Quote from: noname8 on October 23, 2016, 12:24:39 PM
I'm creating a snippet Droplet that updates json string into mysql.
The problem is that json contains " -charachters
but i cant get it to either run trogh php or run trough sql, always mismatch of the ' charachters:
$save_string='[{"page_id": "'.$pid.'", "viewed": "'.$pvalue.'"}]';
$save_string=addslashes($save_string);
$sql='UPDATE '.TABLE_PREFIX.'users SET checked_content='.$save_string.' WHERE user_id='.$uid;
$results = $database->query( $sql );
$retval.= $results.$sql; // <-- !! concate Boolean and String ???
$retval.= '<br>päivitetty';
-Fatal error: Call to a member function query() on a non-object in /var/www/verkkokurssi/modules/droplets/droplets.php(37) : eval()'d code on line 12
- "Call to a member function query() on a non-object" means that $database does not contain a valid database object.
You can try to import the global one. - the use of addslashes() with SQL statements is a bad solution.
Use $database->escapeString($save_string); instead.
Ok, from this the following code should work properly.
<?php
global $database;
$sSaveString='[{"page_id": "'.$pid.'", "viewed": "'.$pvalue.'"}]';
$sql = 'UPDATE `'.TABLE_PREFIX.'users` '
. 'SET `checked_content`=\''.$database->escapeString($sSaveString).'\' '
- 'WHERE `user_id`='.(int)$uid;
$bRetval = $database->query($sql);
return '<br>'.($bRetval ? 'päivitetty' : 'virhe');
have a nice day,
Manuela
Thanks a million! (nynccats) https://www.youtube.com/watch?v=GE8M5QM1sf8 (https://www.youtube.com/watch?v=GE8M5QM1sf8)
it was missing the global $database; row at the start.
And also thanks for the real escape, couldn't figure that out !
:-)