copperspeed

Solved: The end result was to remove array() from Smarty call like so: {assign var='brgdatas' value=$brgObj->fetchOneBrg(['id'=>$ststres[ststval].to_id])} [/color]

@jessica Listen, I don't want to argue with you but you are asking some basic questions when it clearly states what $db is in the function. $db = Core::getInstanse(); Is clearly a call to the database for login and setup for querying. If you don't know what the code below is and how it is used you don't know PDO because you wouldn't have asked what execute() means. $ststres = $db->dbh->prepare("SELECT * FROM ".USERS_STATS." WHERE user_id = :uID ORDER BY id DESC LIMIT :zero, :forty"); $ststres->bindParam(':uID',$udata['id'],PDO::PARAM_INT); $ststres->bindValue(':zero',0,PDO::PARAM_INT); $ststres->bindValue(':forty',40,PDO::PARAM_INT); $ststres->execute(); It is clear that I am passing the results from $ststres into the Smarty call which I showed you what the var_dump results were to be passed.

@PFMaBiSmAd I have tried this before. If I remove the [] I receive the following error: {assign var='brgdatas' value=$brgObj->fetchOneBrg(array('id'=>$ststres[ststval].to_id))}" - Unexpected "=>", expected one of: "","" , ")"' According to Smarty.net if I use associative arrays within Smarty it requires []. If you have a workaround I would love to read it.

Jessica are you familiar with PDO because execute() is a function of it? PDO protects your code from sql injection.

$ststres = $db->dbh->prepare("SELECT * FROM ".USERS_STATS." WHERE user_id = :uID ORDER BY id DESC LIMIT :zero, :forty"); $ststres->bindParam(':uID',$udata['id'],PDO::PARAM_INT); $ststres->bindValue(':zero',0,PDO::PARAM_INT); $ststres->bindValue(':forty',40,PDO::PARAM_INT); $ststres->execute(); $ststres=$ststres->fetchAll(PDO::FETCH_ASSOC); Var_dump of expect outcome from $ststres and what execute expects to receive: Example of var_dump($ststres[ststval].to_id): string(4) "1066" string(4) "1066" string(4) "1066" {assign var='brgdatas' value=$brgObj->fetchOneBrg(array(['id'=>$ststres[ststval].to_id]))} public function fetchOneBrg(array $conditions){ $db = Core::getInstance(); $sql = "SELECT * FROM ".USERS_BRG." WHERE "; $params = array(); $i=0; foreach ($conditions as $column => $value) { if (preg_match('/^[a-z-.-_]+$/', $column)) { if($i !=0){ $sql .= " AND "; } $sql .= "$column = ?"; $params[] = $value; $i++; } } $res = $db->dbh->prepare($sql); $res->execute(array_values($params)); return $res->fetch(PDO::FETCH_ASSOC); I hope this makes more sense.

@Jessica but how do I resolve it?

I can't figure out why I am receiving the following error Notice: Array to String conversion in 'path' line 462. Below is the code for line 462. public function fetchOneBrg(array $conditions){ $db = Core::getInstance(); $sql = "SELECT * FROM ".USERS_BRG." WHERE "; $params = array(); $i=0; foreach ($conditions as $column => $value) { if (preg_match('/^[a-z-.-_]+$/', $column)) { if($i !=0){ $sql .= " AND "; } $sql .= "$column = ?"; $params[] = $value; $i++; } } $res = $db->dbh->prepare($sql); Line 462: $res->execute(array_values($params)); return $res->fetch(PDO::FETCH_ASSOC); $ststres = $db->dbh->prepare("SELECT * FROM ".USERS_STATS." WHERE user_id = :uID ORDER BY id DESC LIMIT :zero, :forty"); $ststres->bindParam(':uID',$udata['id'],PDO::PARAM_INT); $ststres->bindValue(':zero',0,PDO::PARAM_INT); $ststres->bindValue(':forty',40,PDO::PARAM_INT); $ststres->execute(); $ststres=$ststres->fetchAll(PDO::FETCH_ASSOC); I suspect it is the code above being passed in as a string to during the call array(['id'=>$ststres[ststval].to_id] below in Smarty. Doing a var_dump returns strings in array. How to resolve this and why is the string conversion happening on the ID's? Example of var_dump: string(4) "1066" string(4) "1066" string(4) "1066" This is the call to the function: {assign var='brgdatas' value=$brgObj->fetchOneBrg(array(['id'=>$ststres[ststval].to_id]))} Thank you for your help.