Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

Data Model Questions /

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

[SOLVED] get_one doesn't compare my data


Go to End


5 Posts   1257 Views

Avatar
quanto

Community Member, 91 Posts

28 February 2011 at 10:24pm

I have the very simple class:

class ActionCode_Controller extends Page_Controller
{  
  function ActionCodeForm() {
   ...
  }
  
  function CheckCode($data, $form) {
    $test = DataObject::get_one("ActionCode", "`Code`='".$data['Code']."'");
    if($test){
      echo "yes";
    }
    else {
      echo "no";
    }
  }
}

I try to get the Code from the database. If it's in (temporary) shout yes, if it's not (temporary) shout no.
But it always shouts no (returns false) Even if I put in `Code`= '1234'.

What am I doing wrong?

Avatar
Willr

Forum Moderator, 5523 Posts

28 February 2011 at 11:10pm

Couple things

* DataObject::get_one("ActionCode", "`Code`='".$data['Code']."'"); . If data is coming from a form this could introduce a exploit on your site.
You should write it as DataObject::get_one("ActionCode", "\"Code\" = '". Convert::raw2sql($data['Code']) ."'"); Also note backticks are no longer recommended.

* Try a simple DataObject::get_one("ActionCode"); and see if that returns anything.

* Use ?showqueries=1 to see what SQL it's executing for that select and try and run it in your database directly, see if that returns anything.

Avatar
quanto

Community Member, 91 Posts

28 February 2011 at 11:53pm

* DataObject::get_one("ActionCode", "`Code`='".$data['Code']."'"); . If data is coming from a form this could introduce a exploit on your site.
You should write it as DataObject::get_one("ActionCode", "\"Code\" = '". Convert::raw2sql($data['Code']) ."'"); Also note backticks are no longer recommended.

This still returns false. What do you mean with 'backticks'?

* Try a simple DataObject::get_one("ActionCode"); and see if that returns anything.

This one returns true

* Use ?showqueries=1 to see what SQL it's executing for that select and try and run it in your database directly, see if that returns anything.

This one doesn't return anything. Not in Dev mode, neither in live mode.

Avatar
omarkohl

Community Member, 30 Posts

2 March 2011 at 1:06am

Try Debug::dump($test) to see if there is anything useful inside. Backtick ist this: `(what you put around the first Code).

Debug::dump() is probably my favourite feature ;-)

Avatar
quanto

Community Member, 91 Posts

2 March 2011 at 1:21am

I already found the error:

The class ActionCode extended Page, instead of DataObject, so the query pointed to Sitetree, and not to the table ActionCode

Also I get now the right error output by putting the following code in __config.php:

ini_set('display_errors', 1);
error_reporting(E_ALL);
Director::set_environment_type("dev"); 

Thanks all for the support.