Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Data Model Questions

[SOLVED] get_one doesn't compare my data


Reply

5 Posts   751 Views

Avatar
quanto

28 February 2011 at 10:24pm Community Member, 81 Posts

I have the very simple class:

class ActionCode_Controller extends Page_Controller
{
function ActionCodeForm() {
...
}

function CheckCode($data, $form) {
$test = DataObject::get_one("ActionCode", "`Code`='".$data['Code']."'");
if($test){
echo "yes";
}
else {
echo "no";
}
}
}

I try to get the Code from the database. If it's in (temporary) shout yes, if it's not (temporary) shout no.
But it always shouts no (returns false) Even if I put in `Code`= '1234'.

What am I doing wrong?

Avatar
Willr

28 February 2011 at 11:10pm Forum Moderator, 5511 Posts

Couple things

* DataObject::get_one("ActionCode", "`Code`='".$data['Code']."'"); . If data is coming from a form this could introduce a exploit on your site.
You should write it as DataObject::get_one("ActionCode", "\"Code\" = '". Convert::raw2sql($data['Code']) ."'"); Also note backticks are no longer recommended.

* Try a simple DataObject::get_one("ActionCode"); and see if that returns anything.

* Use ?showqueries=1 to see what SQL it's executing for that select and try and run it in your database directly, see if that returns anything.

Avatar
quanto

28 February 2011 at 11:53pm Community Member, 81 Posts

* DataObject::get_one("ActionCode", "`Code`='".$data['Code']."'"); . If data is coming from a form this could introduce a exploit on your site.
You should write it as DataObject::get_one("ActionCode", "\"Code\" = '". Convert::raw2sql($data['Code']) ."'"); Also note backticks are no longer recommended.

This still returns false. What do you mean with 'backticks'?

* Try a simple DataObject::get_one("ActionCode"); and see if that returns anything.

This one returns true

* Use ?showqueries=1 to see what SQL it's executing for that select and try and run it in your database directly, see if that returns anything.

This one doesn't return anything. Not in Dev mode, neither in live mode.

Avatar
omarkohl

2 March 2011 at 1:06am Community Member, 30 Posts

Try Debug::dump($test) to see if there is anything useful inside. Backtick ist this: `(what you put around the first Code).

Debug::dump() is probably my favourite feature ;-)

Avatar
quanto

2 March 2011 at 1:21am Community Member, 81 Posts

I already found the error:

The class ActionCode extended Page, instead of DataObject, so the query pointed to Sitetree, and not to the table ActionCode

Also I get now the right error output by putting the following code in __config.php:

ini_set('display_errors', 1);
error_reporting(E_ALL);
Director::set_environment_type("dev");

Thanks all for the support.