Hi has anyone had experience with using AES_DECRYPT and codeigniters active record. I've tried using the following line:
$query = $this->db->select("AES_DECRYPT(testing,'$key') as testing");
but continue to get an sql syntax error. I've tried using a manual standard sql string which works but would prefer to stick with active record if I can.
CodeIgniter is trying to escape that, and it has no idea how to. Add FALSE as the 2nd parameter to tell it not to escape it.
// We need to escape this value before the query
$key = $this->db->escape($key);
// Tell CodeIgniter not to escape this
$this->db->select("AES_DECRYPT(testing, $key) as testing", FALSE);
Related
I am migrating an old TYPO3-extension to the current build and am trying to change my database access to using doctrine. For the most part that worked great, but now I came upon a few select queries, that make use of SQL-functions e.g. "Year(FROM_UNIXTIME())".
I tried using the sql function as is in the following form:
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('mytable');
$queryBuilder
->select('i.*','c.title AS cat_title','c.uid AS cat_uid')
->from('mytable','i')
->join('c'
...
)
->join('d'
...
)
->where(
$queryBuilder->expr()->eq('Year(FROM_UNIXTIME(i.datetime))', $queryBuilder->createNamedParameter($year, \PDO::PARAM_STR))
)
The problem is only with the where part, if i get a read-out on the SQL statement the where clause is simply omitted, as if the line of code never happened.
I then proceeded to make debug statements around the where statement and encapsulate it in a try catch block with a log attached to it:
It executes fine, without error, but does nothing.
After google, I now believe, that i would need to implement that function again using the DQL user functions, but the documentation on the typo3 site offers no mention of this and so i am a little unsure as to how to proceed.
Can someone point me in the right direction?
Any help would be much appreciated
Regards
Theo
I defaulted to using php to parse the years to full dates and convert them to unix timestamps. The option of using the ORM was there, but simply too much to handle.
I implemented it as follows:
// to convert towards db:
$queryBuilder->createNamedParameter(mktime(0,0,0,1,1, (int)$year), \PDO::PARAM_INT)
// and back:
$queryBuilder->select('i.datetime AS yearb')
// ... the rest of the query seems of litle interest
;
$current = date("Y",$queryBuilder->execute()->fetch()['yearb']);
You can use plain SQL:
$queryBuilder
->select('i.*','c.title AS cat_title','c.uid AS cat_uid')
->from('mytable','i')
->join('c'
...
)
->join('d'
...
)
->where(
'Year(FROM_UNIXTIME(i.datetime)) = '.$queryBuilder->createNamedParameter($year, \PDO::PARAM_STR)
)
I try to get the Releasemaker from Akeeba running and set the language for a release/item to All (*). But one can assume that this kind of problem should happen to any kind of code which tries to set a database field language using code in the Site folder.
If you have a multilingual site you probably have the plugin "System - Language Filter" running. This plugin sets a $_REQUEST['language'] value to a specific language. Every time. As a result code like $data = $app->input->getData() will get the language value of that $_REQUEST value instead of the value from the $_POST array so you can't set that language field with the usual ->bind($data) operation.
Did you encountered that issue as well? What is your solution for this?
I got myself a solution for this. I actually can imaging two ways to solve this. On the one hand you can rename the language parameter which is transferred from the client to the server and do magic stuff in the persistent layer. On the other hand you can try to fix the work of the language filter plugin. Since I don't want to change the component I chose the second way and added a system plugin to reset the language value in the request to * as I need it. Of course one can read that value from the POST data as well. The plugin is as strict as possible where to do that magic to not crash the other stuff.
class PlgSystemLanguagefixer extends JPlugin
{
public function onAfterRoute() {
// Get the application object.
$app = JFactory::getApplication();
$option = $app->input->get('option');
$format = $app->input->get('format');
$task = $app->input->get('task');
$view = $app->input->get('view');
if ($option == 'com_ars' && $task=='save' && $format == 'json' && ($view=='releases' || $view='items')) {
$app->input->set('language', '*');
}
}
}
Please note that this question is still open for better answers :)
I'm creating a web application using codeigniter and postgresql. I have this inside my database:
user
id name
unique(name)
When someone try to register with the same name, i get an error. How can i handle them, without displaying the codeigniter's error and showing instead my custom error?
If i set $db['default']['db_debug'] = FALSE; i don't get any error of course, but is there a way to handle the db error or should i check myself if the table already contains an entry with that same name?
Use Codeigniters form validation class. is_unique[table.columnName]. This will do the work for you. Below is an example
$this->form_validation->set_rules('name', 'Name', 'is_unique[table_name.Name]');
Then just set a custom message referencing the is_unique validation like below
$this->form_validation->set_message('is_unique', 'Name already exists');
I dont know anything by codeigniter, but im going to assume the principle works the same:
You first make a query like SELECT id FROM tablename WHERE name='SomeName' LIMIT 1, then you check the number of rows. This kind of checking is fairly normal. Control as much as you (sensebly) can to avoid errors down the road.
Zero rows? Safe to insert. Not zero rows? Display something like 'username allready taken'.
Example with some code:
$check = mysqli_query("SELECT id FROM tablename WHERE name='SomeName' LIMIT 1");
if( $check->num_rows!==0 ){
echo 'Username allready taken'; // echo is bad, you should process this better, but this is easy demo
}
else{
// Your normal inserting code goes here.
}
Like Martijn said, it is a solution.
CI doesn't throw exception, so when you perform a query, it will return NULL if the statement fails.
You may want to see CodeIgniter - how to catch DB errors?
I'm very new to php and mysql. I'm trying to pass the value "part(2)" to my code igniter controller. "part(2)" is one of the name of the data values in my database. After passing it to the uri segment, I extracted it using the command $value = str_replace("%20", " ", $this->uri->segment(5)); . Now when i search my database using the variable $value, it's not displaying the results. I presume the problem is with having using "()". I am wondering if it has anything to do with the data type utl8 vs latin1. My database is configured to use latin1_general_ci. I have tried changing the database field type to utl8_general_ci, but it does not work. Can anyone please help me out here?.
Have you tried var_dump($value) just to see what it contains?
Also, the result from $this->db->last_query(); might be useful to see what you are actually quering your database for. I don't see a reason why you couldn't put perenthesis in your database.
Im pretty sure both utf8 and latin1 are fine.
can you post your controller code?
firstly, if you are passing the value in your uri, do you have () in your permitted uri characters in application/config/config.php?
something like this:
$config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-()';
But I just tried this and my values came out with html entities: part(2) instead..
you can fix this with something like this:
input_value = html_entity_decode($input_value);
Im having a little trouble with my form_dropdown in codeigniter, basically it ALWAYS adds the multiple="multiple" and i dont know how to get rid of it.
Here is the code im using to generate the dropdown
$js = 'class="users"';
echo form_dropdown('users', $users, set_value('users', $users), $js);
Is there anything i can add so that it doesnt automatically create it with the multiple option
I think the issue is related to your third option set_value('users',$users)
Since $users is probably an array, the set_value may be setting multiple options to selected and in such a case form_dropdown would generate the multiple property.
Try passing a single user value and make sure that works as you expect.
Also, check the out put from the set_value function to see if it returns an array instead of a single value.
You don't need to use set_value here. Just use the value you want selected.
$js = 'class="users"';
$user = 1;
echo form_dropdown('users', $users, $user, $js);