where $CURRENT_USER['num'] problem after post!

By ht1080z - December 8, 2011 - edited: December 9, 2011


In the attached php i update the mysql 'accoms' table of the current user using membership plugin. When the mysql update is successfully done(!) and the page reloaded i get error:

MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') ORDER BY globalOrder LIMIT 1' at line 3

Using debugsql i can see:

SELECT SQL_CALC_FOUND_ROWS `accoms`.* FROM `hotelof_accoms` as `accoms` WHERE (owner = 8 AND (`title` = 'My hotel') AND (`type` = '2') AND (`category` = '1') AND (`from` = '01/04/2012') AND (`to` = '01/10/2012') AND (`km_air` = '111') AND (`km_port` = '221') AND (`km_city` = '331') AND (`km_beach` = '441') AND (`transfer_city` = '1') AND (`transfer_beach` = '1') AND (`architect` = '1')) ORDER BY dragSortOrder DESC

where is my query:
'where' => 'owner = '.mysql_escape($CURRENT_USER['num']),

the $CURRENT_USER['num'] is normally just a number, isn't it?
When i do <?php echo $CURRENT_USER['num'] ?> before the submit i get only the number of the user.
That's why the page worked when i loaded before the update:

SELECT SQL_CALC_FOUND_ROWS `accoms`.* FROM `hotelof_accoms` as `accoms` WHERE (owner = 8) ORDER BY dragSortOrder DESC LIMIT 1

how can i remove the $post data or change the header, i tried so many ways...
header("Location: " . $_SERVER['PHP_SELF']); ......... [crazy]

Please advise!

Re: [ht1080z] where $CURRENT_USER['num'] problem after post!

By Jason - December 9, 2011


What's happening is that all of the information you just posted form the form is making it's way into your getRecords() query. you can stop this by using setting the 'allowSearch' option to false like this:

list($accomRecords, $accomMetaData) = getRecords(array(
'tableName' => 'accoms',
'where' => 'owner = '.mysql_escape($CURRENT_USER['num']),
'limit' => '1',
'allowSearch' => false,
$accomRecord = @$accomRecords[0];

Hope this helps
Jason Sauchuk - Project Manager

Hire me! Save time by getting our experts to help with your project.