trav Posted December 20, 2007 Share Posted December 20, 2007 I borrowed some code from a website, and then hacked a little part of the class adding my own function, except it doesn't work. I am sure there is something small that i am missing, class auth { // default constructor function auth() { if( isset( $_POST['username'] ) && isset( $_POST['password'] ) ) { $this->mysql_bind(); } else if ( isset( $_GET['logout'] ) ) { $this->user_logout(); } } // cut a bunch of code out here function user_secLevel($username, $secLevel){ $sql = sprintf("UPDATE auth_users SET secLevel = %s WHERE username = %s", $this->quote_smart($secLevel), $this->quote_smart("patty")); mysql_query($sql) or die ("Couldn't execute query. r_name=".$username.". seclevel".$secLevel." : ".$sql); } // Quote variable to make safe function quote_smart($value) { // Stripslashes if (get_magic_quotes_gpc()) { $value = stripslashes($value); } // Quote if not a number or a numeric string if (!is_numeric($value)) { $value = "'".mysql_real_escape_string($value)."'"; } return $value; } } // create the auth object $auth = new auth(); <? include('../includes/auth.php'); switch ($_GET['action']){ case "delete": echo "i equals 0"; break; case "update": $auth->user_secLevel($_GET['uid'], $_GET['secLevel']); echo "the user ".$_GET['uid']." has been updated to security level ".$_GET['secLevel'] ; break; default: echo "There was a mistake and you should not be viewing this page"; //2265 } ?> this is the output that i get Couldn't execute query. r_name=patty. seclevel2 : UPDATE auth_users SET secLevel = 2 WHERE username = '' I know my debugging is ugly. but it seems to spit out the relevant info. This leads me to believe that the quote_smart function works for the numeric value but not the string value. which baffles me since it works when tested alone. i am pulling my hair out here. what am i missing? thanks in advance. Quote Link to comment https://forums.phpfreaks.com/topic/82456-noob-help-classes/ Share on other sites More sharing options...
trav Posted December 21, 2007 Author Share Posted December 21, 2007 bump i am not normally this impatient but i really am going nuts. thank, trav Quote Link to comment https://forums.phpfreaks.com/topic/82456-noob-help-classes/#findComment-420321 Share on other sites More sharing options...
rajivgonsalves Posted December 21, 2007 Share Posted December 21, 2007 seems to work for me... Quote Link to comment https://forums.phpfreaks.com/topic/82456-noob-help-classes/#findComment-420326 Share on other sites More sharing options...
trav Posted December 22, 2007 Author Share Posted December 22, 2007 well i think i figured it out the mysql_real_escape_string function was trying to connect to the previous mysql connection which wasn't there. i knew had to me something small or stupid.... grrrrrr Quote Link to comment https://forums.phpfreaks.com/topic/82456-noob-help-classes/#findComment-420961 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.