trav Posted December 20, 2007 Share Posted December 20, 2007 I borrowed some code from a website, and then hacked a little part of the class adding my own function, except it doesn't work. I am sure there is something small that i am missing, class auth { // default constructor function auth() { if( isset( $_POST['username'] ) && isset( $_POST['password'] ) ) { $this->mysql_bind(); } else if ( isset( $_GET['logout'] ) ) { $this->user_logout(); } } // cut a bunch of code out here function user_secLevel($username, $secLevel){ $sql = sprintf("UPDATE auth_users SET secLevel = %s WHERE username = %s", $this->quote_smart($secLevel), $this->quote_smart("patty")); mysql_query($sql) or die ("Couldn't execute query. r_name=".$username.". seclevel".$secLevel." : ".$sql); } // Quote variable to make safe function quote_smart($value) { // Stripslashes if (get_magic_quotes_gpc()) { $value = stripslashes($value); } // Quote if not a number or a numeric string if (!is_numeric($value)) { $value = "'".mysql_real_escape_string($value)."'"; } return $value; } } // create the auth object $auth = new auth(); <? include('../includes/auth.php'); switch ($_GET['action']){ case "delete": echo "i equals 0"; break; case "update": $auth->user_secLevel($_GET['uid'], $_GET['secLevel']); echo "the user ".$_GET['uid']." has been updated to security level ".$_GET['secLevel'] ; break; default: echo "There was a mistake and you should not be viewing this page"; //2265 } ?> this is the output that i get Couldn't execute query. r_name=patty. seclevel2 : UPDATE auth_users SET secLevel = 2 WHERE username = '' I know my debugging is ugly. but it seems to spit out the relevant info. This leads me to believe that the quote_smart function works for the numeric value but not the string value. which baffles me since it works when tested alone. i am pulling my hair out here. what am i missing? thanks in advance. Link to comment https://forums.phpfreaks.com/topic/82456-noob-help-classes/ Share on other sites More sharing options...
trav Posted December 21, 2007 Author Share Posted December 21, 2007 bump i am not normally this impatient but i really am going nuts. thank, trav Link to comment https://forums.phpfreaks.com/topic/82456-noob-help-classes/#findComment-420321 Share on other sites More sharing options...
rajivgonsalves Posted December 21, 2007 Share Posted December 21, 2007 seems to work for me... Link to comment https://forums.phpfreaks.com/topic/82456-noob-help-classes/#findComment-420326 Share on other sites More sharing options...
trav Posted December 22, 2007 Author Share Posted December 22, 2007 well i think i figured it out the mysql_real_escape_string function was trying to connect to the previous mysql connection which wasn't there. i knew had to me something small or stupid.... grrrrrr Link to comment https://forums.phpfreaks.com/topic/82456-noob-help-classes/#findComment-420961 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.