Prepared statements in integration

Need some custom code changes to the phpBB core simple enough that you feel doesn't require an extension? Then post your request here so that community members can provide some assistance.

NOTE: NO OFFICIAL SUPPORT IS PROVIDED IN THIS SUB-FORUM
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

NOTE: NO OFFICIAL SUPPORT IS PROVIDED IN THIS SUB-FORUM
Post Reply
santa_oscuro
Registered User
Posts: 8
Joined: Tue Jul 04, 2017 10:22 am

Prepared statements in integration

Post by santa_oscuro »

Hi there, I have an integrated forum at my webpage, where i generated a my database inside PHPBB database for catch the users. Well, until now i had no problems, i have connected users at page login, register, etc..
But the problem is that at time to generate prepared statements it's impossible.
It is also necessary to say that at page i can 't use $_POST and $_GET and i had to use request_var('', '0');, because ever jump this error:

Code: Select all

Illegal use of $_POST. You must use the request class to access input data. This error message was generated by deactivated_super_global...
For queries, only works normal queries like this:

Code: Select all

$result = $link->query("SELECT t.topic_id FROM $table_topics t WHERE t.topic > 2 ") or die("Error");
if i try somehting like this or similars ever jumps Error 500:

Code: Select all

$sql = "SELECT t.topic_id FROM $table_topics t WHERE t.topic > 2 "
$result = $db->query($sql);
$row = $db->mysqli_fetch_row($result);
$db->mysqli_free_result($result);
All code for connect with forum that i have at index page and backend is that:

Code: Select all

define('IN_PHPBB', true);
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './forum/';
$phpbb_url_path = 'http://page.com/forum/'; 
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include_once($phpbb_root_path . 'common.' . $phpEx);

$user->session_begin();
$auth->acl($user->data);
$user->setup();

$db = mysqli_connect("$dbhost", "$dbuser", "$dbpasswd") or die("fail");
mysqli_select_db($db, "$dbname") or die("fail");

(after that code i have this only at web page including index)
page_header....
$template->....

page_footer(); //at footer


Anyone know why is that?

Sorry for my english XD i hope anyone could help me. Thanks in advance
User avatar
Kailey
Community Team Leader
Community Team Leader
Posts: 3733
Joined: Mon Sep 01, 2014 1:00 am
Location: sudo rm -rf /
Name: Kailey Snay
Contact:

Re: Prepared statements in integration

Post by Kailey »

santa_oscuro wrote: Fri Aug 10, 2018 9:24 pm It is also necessary to say that at page i can 't use $_POST and $_GET and i had to use request_var('', '0');, because ever jump this error:

Code: Select all

Illegal use of $_POST. You must use the request class to access input data. This error message was generated by deactivated_super_global...
The request class can be used as such:

Code: Select all

$request->is_set_post('my_var_post');
$request->variable('my_var_int', 0);
$request->variable('my_var_string', '');
santa_oscuro wrote: Fri Aug 10, 2018 9:24 pm For queries, only works normal queries like this:

Code: Select all

$result = $link->query("SELECT t.topic_id FROM $table_topics t WHERE t.topic > 2 ") or die("Error");
if i try somehting like this or similars ever jumps Error 500:

Code: Select all

$sql = "SELECT t.topic_id FROM $table_topics t WHERE t.topic > 2 "
$result = $db->query($sql);
$row = $db->mysqli_fetch_row($result);
$db->mysqli_free_result($result);
You are already loading phpBB's common file, so the db class is already available to you (no need for mysqli functions):

Code: Select all

$sql = 'SELECT topic_id
    FROM ' . TOPICS_TABLE . '
    WHERE topic_id > 2';
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
Kailey Snay - Community Team Leader
Knowledge Base | Documentation | Community rules

If you have any questions about the rules/customs of this website, feel free to send me a PM.
santa_oscuro
Registered User
Posts: 8
Joined: Tue Jul 04, 2017 10:22 am

Re: Prepared statements in integration

Post by santa_oscuro »

I hope this serves someone, phpbb uses Database abstraction layer which makes the statements for the database are different and it is important to read minimum these links:
https://wiki.phpbb.com/Database_Abstraction_Layer
https://wiki.phpbb.com/Using_the_phpBB3.0_DBAL
https://wiki.phpbb.com/Db.sql_build_query

It would be nice if this thing that I just did was somewhere in the truth ... I spent days doing tests and did not understand what was happening. Thanks for answer.
Post Reply

Return to “phpBB Custom Coding”