Prepared statements in integration

Need some custom code changes to the phpBB core simple enough that you feel doesn't require an extension? Then post your request here so that community members can provide some assistance.

NOTE: NO OFFICIAL SUPPORT IS PROVIDED IN THIS SUB-FORUM
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

NOTE: NO OFFICIAL SUPPORT IS PROVIDED IN THIS SUB-FORUM
Post Reply
santa_oscuro
Registered User
Posts: 8
Joined: Tue Jul 04, 2017 10:22 am

Prepared statements in integration

Post by santa_oscuro » Fri Aug 10, 2018 9:24 pm

Hi there, I have an integrated forum at my webpage, where i generated a my database inside PHPBB database for catch the users. Well, until now i had no problems, i have connected users at page login, register, etc..
But the problem is that at time to generate prepared statements it's impossible.
It is also necessary to say that at page i can 't use $_POST and $_GET and i had to use request_var('', '0');, because ever jump this error:

Code: Select all

Illegal use of $_POST. You must use the request class to access input data. This error message was generated by deactivated_super_global...
For queries, only works normal queries like this:

Code: Select all

$result = $link->query("SELECT t.topic_id FROM $table_topics t WHERE t.topic > 2 ") or die("Error");
if i try somehting like this or similars ever jumps Error 500:

Code: Select all

$sql = "SELECT t.topic_id FROM $table_topics t WHERE t.topic > 2 "
$result = $db->query($sql);
$row = $db->mysqli_fetch_row($result);
$db->mysqli_free_result($result);
All code for connect with forum that i have at index page and backend is that:

Code: Select all

define('IN_PHPBB', true);
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './forum/';
$phpbb_url_path = 'http://page.com/forum/'; 
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include_once($phpbb_root_path . 'common.' . $phpEx);

$user->session_begin();
$auth->acl($user->data);
$user->setup();

$db = mysqli_connect("$dbhost", "$dbuser", "$dbpasswd") or die("fail");
mysqli_select_db($db, "$dbname") or die("fail");

(after that code i have this only at web page including index)
page_header....
$template->....

page_footer(); //at footer


Anyone know why is that?

Sorry for my english XD i hope anyone could help me. Thanks in advance

User avatar
kinerity
Community Team Member
Community Team Member
Posts: 1968
Joined: Mon Sep 01, 2014 1:00 am
Location: sudo rm -rf /
Name: Kailey Truscott
Contact:

Re: Prepared statements in integration

Post by kinerity » Sat Aug 11, 2018 3:12 am

santa_oscuro wrote:
Fri Aug 10, 2018 9:24 pm
It is also necessary to say that at page i can 't use $_POST and $_GET and i had to use request_var('', '0');, because ever jump this error:

Code: Select all

Illegal use of $_POST. You must use the request class to access input data. This error message was generated by deactivated_super_global...
The request class can be used as such:

Code: Select all

$request->is_set_post('my_var_post');
$request->variable('my_var_int', 0);
$request->variable('my_var_string', '');
santa_oscuro wrote:
Fri Aug 10, 2018 9:24 pm
For queries, only works normal queries like this:

Code: Select all

$result = $link->query("SELECT t.topic_id FROM $table_topics t WHERE t.topic > 2 ") or die("Error");
if i try somehting like this or similars ever jumps Error 500:

Code: Select all

$sql = "SELECT t.topic_id FROM $table_topics t WHERE t.topic > 2 "
$result = $db->query($sql);
$row = $db->mysqli_fetch_row($result);
$db->mysqli_free_result($result);
You are already loading phpBB's common file, so the db class is already available to you (no need for mysqli functions):

Code: Select all

$sql = 'SELECT topic_id
    FROM ' . TOPICS_TABLE . '
    WHERE topic_id > 2';
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
Kailey Truscott - Community Team

santa_oscuro
Registered User
Posts: 8
Joined: Tue Jul 04, 2017 10:22 am

Re: Prepared statements in integration

Post by santa_oscuro » Sat Aug 11, 2018 4:38 pm

I hope this serves someone, phpbb uses Database abstraction layer which makes the statements for the database are different and it is important to read minimum these links:
https://wiki.phpbb.com/Database_Abstraction_Layer
https://wiki.phpbb.com/Using_the_phpBB3.0_DBAL
https://wiki.phpbb.com/Db.sql_build_query

It would be nice if this thing that I just did was somewhere in the truth ... I spent days doing tests and did not understand what was happening. Thanks for answer.

Post Reply

Return to “phpBB Custom Coding”

Who is online

Users browsing this forum: geankevin and 9 guests