Thread

Active Record problem with SQL functions

September 13, 2018 12:47am

Subscribe [2]
  • #1 / Sep 13, 2018 12:47am

    sage12

    3 posts

    Hi, can anyone tell me how to convert this:

    $query = $this->EE->db->query("SELECT entry_id, entry_date FROM exp_twitter WHERE entry_date < UNIX_TIMESTAMP(DATE_SUB(NOW(), INTERVAL " . $this->tw_tweet_interval_limit . " " . $this->tw_tweet_interval . "))");

    to something like this:

    $this->EE->db->select('entry_id, entry_date');
    $this->EE->db->where('entry_date <', 'UNIX_TIMESTAMP(DATE_SUB(NOW(), INTERVAL ' . $this->tw_tweet_interval_limit . ' ' . $this->tw_tweet_interval . ')))');
    $query = $this->EE->db->get('exp_twitter');

    at the moment the Active Record select is being skipped.

    Thanks

  • #2 / Oct 11, 2018 3:34pm

    Derek Jones's avatar

    Derek Jones

    7364 posts

    What do you mean it’s being “skipped”? The only problem I see is that the right hand of your where() clause is probably being treated as a string instead of passed as a SQL statement. That’s standard for security and escaping, to prevent common SQL injection. If you have already validated and escaped your interval variables values, you can set the where() method’s third parameter ($escape, default TRUE) to FALSE.

    Ref: https://docs.expressionengine.com/latest/development/legacy/database/active_record.html#CI_DB_active_record::where

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases