That Software Guy. My Store: Zen Cart Support
Available for hire - See my ad in Services
Plugin Moderator, Documentation Curator, Chief Cook and Bottle-Washer.
Do you benefit from Zen Cart? Then please support the project.
so I'm trying to update this add-on but I need a little help getting the admin page registration working but possibly more importantly this error sorted out to make sure it'll all be worth it:
[07-Jan-2018 01:27:35 America/New_York] Request URI: /spelL-MUd-shoRe/qbi_config.php, IP address: 73.52.227.139
#1 mysqli_real_escape_string() called at [/home/content/62/5902262/html/MY_ADMIN/includes/functions/qbi_functions.php:152]
#2 mysql_escape_string_array()
#3 array_walk() called at [/home/content/62/5902262/html/MY_ADMIN/includes/classes/qbi_classes.php:2610]
#4 Proc_form->proc_cleanData() called at [/home/content/62/5902262/html/MY_ADMIN/qbi_config.php:30]
[08-Jan-2018 15:36:37 America/New_York] PHP Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, string given in /home/content/62/5902262/html/MY_ADMIN/includes/functions/qbi_functions.php on line 154
here's the guilty function:
if I switch it to mysql_real_escape_string( and swap the order of the parameters as needed) it php errors about $db not being a resource.Code:function mysql_escape_string_array(&$var, $db) { if (is_array($var)) { array_walk($var,'mysql_escape_string_array', $db); } else { $var=mysqli_real_escape_string($db,$var); // This function is deprecated. PHP>=4.3.0 may use mysql_real_escape_string } return $var; }
I don't quite understand constructors or classes at this point in my programming experience but this qbi_mysql.php file contains this:
which might help someone suggest a solution possibly?Code:function & query($sql) { $this->dbConn = mysqli_connect($this->host, $this->dbUser, $this->dbPass, $this->dbName); if (!$queryResource=mysqli_query($this->dbConn,$sql)) { trigger_error ('Query failed: '.mysqli_error($this->dbConn).' SQL: '.$sql); } return new MySQLResult($this,$queryResource); } }
Best practice in Zen Cart is *not* to use mysqli directly. This will get you started on understanding the Zen Cart db abstraction layer:
https://www.zen-cart.com/wiki/index....ers_-_Database
That Software Guy. My Store: Zen Cart Support
Available for hire - See my ad in Services
Plugin Moderator, Documentation Curator, Chief Cook and Bottle-Washer.
Do you benefit from Zen Cart? Then please support the project.
Is this for QB online or QB desktop ?
So I'm still stuck in the qbi_class.php file
Considering this isn't used in any other part of zen-cart that I can find using developers tool-kit (or google really) i'm thinking there's a better way all together, basically I can't seem to satisfy the db link (2nd parameter part) for mysqli_real_escape_stringCode:function find_country_id($country_name) { //$country_name=mysqli_real_escape_string($this->db,$country_name); //global $db; //$this->db=$db; //$this->db=$db; $country_name=mysql_real_escape_string($country_name,$this->dbConn); $country_id=0; $sql="SELECT countries_id FROM ".TABLE_COUNTRIES." WHERE countries_name LIKE '".$country_name."'"; $result=$this->db->query($sql); if ($row=$result->fetch()) $country_id=$row['countries_id']; return($country_id); }
so after reading more into the database abstraction I'm convinced I need to go this bindVars route... so I'm trying this...
but it results in...Code:function find_country_id($country_name) { $country_id=0; $sql="SELECT countries_id FROM ".TABLE_COUNTRIES." WHERE countries_name LIKE :country_name"; $sql = $db->bindVars($sql, ':country_name', $country_name, 'string'); $result = $db->Execute($sql); $country_id = $result->fields['countries_id']; //$result=$this->db->query($sql); //if ($row=$result->fetch()) $country_id=$row['countries_id']; return($country_id); }
[08-Jan-2018 22:01:16 America/New_York] PHP Fatal error: Call to a member function bindVars() on a non-object in
If you do stay with the direct mysqli_ related function call (instead of using built-in ZC functions), then the first parameter instead of just $db (database object) would need to be the database link. Such is referenced within the query_factory class file by review of similar functions.
Further, like swguy was suggesting, there is a function within ZC that already supports the action part of that function, but not one that addresses the array aspect. Again that is in the query_factory class file and would make that portion of code flexible/compatible to more versions of ZC/php.
ZC Installation/Maintenance Support <- Site
Contribution for contributions welcome...
Here is how I rewrote this function:
Still working on rest of the script but steadily making progress. I had to type cast 'tax_lookup' field - guess I am running in strict mode and it was giving me an insert error. Hope this helps.PHP Code:function proc_cleanData() {
$this->config_data['tax_rate']=str_replace('%','',$this->config_data['tax_rate']);
if (get_magic_quotes_gpc()) stripslashes_array($this->config_data);
$this->config_data['tax_lookup']=(int)$this->config_data['tax_lookup'];
array_walk($this->config_data,'self::array_walk_callback');
}
function array_walk_callback($value) {
global $db;
$db->prepare_input($value);
}
I was able to successfully modify and install QBI import on Zen Cart 1.5.5f. resolved all the errors and even brought to (somewhat) new standard on installing the plug-ins. I will try to find time to package it and upload it to the Plug in page in the coming weeks.
Case Badges by Techiant