Not sure if I'm going crazy or not, here's what my database looks like:

+--------+-----+-----+-----+-------+-------+--------+------+-------+-----------+
| itemid | sku | upc | ean | title | style | gender | size | color | modelcode |
+--------+-----+-----+-----+-------+-------+--------+------+-------+-----------+
|   21   |00021| xxx | xxx | Bolt  | Tank  | Girls  | Small| Blue  | 60        |
+--------+-----+-----+-----+-------+-------+--------+------+-------+-----------+

Here's my Query that I run:

$query = "SELECT itemid,
upc,
sku,
ean,
title,
style,
gender,
color,
modelcode,
price,
quantity,
pagelink,
imagelinksmall,
description

from clothing where modelcode = $modelcode";

And running var_dump($rows[0]['size']); I get the value "XX-Small" when it should be just "Small".

There's more than one size per modelcode and there's numerous if/else statements in between. Here's the entire script:

$query = "SELECT itemid,
upc,
sku,
ean,
title,
style,
size,
gender,
color,
modelcode,
price,
quantity,
pagelink,
imagelinksmall,
description

from clothing where modelcode = $modelcode"; 

// This function is static for 5 different sizes, from X-Small to X-Large. If there is an XX-Small available, the script will only go to Large. If there's an XX-Large, the script will stop where
// it normally does, which is at X-Large.

function resultToArrays($result) {            // This Function declares an array as $rows, loops through each row while there's any left, and stores it into the array
  $rows = array();                            // Declares $rows as an array
  while ($row = $result -> fetch_assoc()) {   // The while loop that iterates through any and all pulled rows
    $rows[] = $row;                           // Stores the information
  }
  return $rows;
};

$result = $con->query($query);
$rows = resultToArrays($result);

$color = $rows[0]['color'];
$style = $rows[0]['style'];
$description = $rows[0]['description'];
$imagelinksmall = $rows[0]['imagelinksmall'];
$gender = $rows[0]['gender'];

if (count($rows) == 7 && $rows[0]['size'] = "XX-Small") {
    $xxSmall = $rows[0];
    $xSmall = $rows[1];
    $small = $rows[2];
    $medium = $rows[3];
    $large = $rows[4];
    $xLarge = $rows[5];
    $xxLarge = $rows[6];
    $configField = "<td>sku=$color $style $xxSmall[size],apparel_size=$xxSmall[size]|sku=$color $style $xSmall[size],apparel_size=$xSmall[size]|sku=$color $style $small[size],apparel_size=$small[size]|sku=$color $style $medium[size],apparel_size=$medium[size]|sku=$color $style $large[size],apparel_size=$large[size]|sku=$color $style $xLarge[size],apparel_size=$xLarge[size]|sku=$color $style $xxLarge[size],apparel_size=$xxLarge[size]</td>";
} else if (count($rows) == 6 && $rows[0]['size'] = "X-Small") {
    $xSmall = $rows[0];
    $small = $rows[1];
    $medium = $rows[2];
    $large = $rows[3];
    $xLarge = $rows[4];
    $xxLarge = $rows[5];
    $configField = "<td>sku=$color $style $xSmall[size],apparel_size=$xSmall[size]|sku=$color $style $small[size],apparel_size=$small[size]|sku=$color $style $medium[size],apparel_size=$medium[size]|sku=$color $style $large[size],apparel_size=$large[size]|sku=$color $style $xLarge[size],apparel_size=$xLarge[size]|sku=$color $style $xxLarge[size],apparel_size=$xxLarge[size]</td>";
} else if (count($rows) == 6 && $rows[0]['size'] = "XX-Small") {
    $xxSmall = $rows[0];
    $xSmall = $rows[1];
    $small = $rows[2];
    $medium = $rows[3];
    $large = $rows[4];
    $xLarge = $rows[5];
    $configField = "<td>sku=$color $style $xxSmall[size],apparel_size=$xxSmall[size]|sku=$color $style $xSmall[size],apparel_size=$xSmall[size]|sku=$color $style $small[size],apparel_size=$small[size]|sku=$color $style $medium[size],apparel_size=$medium[size]|sku=$color $style $large[size],apparel_size=$large[size]|sku=$color $style $xLarge[size],apparel_size=$xLarge[size]</td>";
} else if (count($rows) == 5 && $rows[0]['size'] = "Small") {
    $small = $rows[0];
    $medium = $rows[1];
    $large = $rows[2];
    $xLarge = $rows[3];
    $xxLarge = $rows[4];
    $configField = "<td>sku=$color $style $small[size],apparel_size=$small[size]|sku=$color $style $medium[size],apparel_size=$medium[size]|sku=$color $style $large[size],apparel_size=$large[size]|sku=$color $style $xLarge[size],apparel_size=$xLarge[size]|sku=$color $style $xxLarge[size],apparel_size=$xxLarge[size]</td>";
} else if (count($rows) == 5 && $rows[0]['size'] = "X-Small") {
    $xSmall = $rows[0];
    $small = $rows[1];
    $medium = $rows[2];
    $large = $rows[3];
    $xLarge = $rows[4];
    $configField = "<td>sku=$color $style $xSmall[size],apparel_size=$xSmall[size]|sku=$color $style $small[size],apparel_size=$small[size]|sku=$color $style $medium[size],apparel_size=$medium[size]|sku=$color $style $large[size],apparel_size=$large[size]|sku=$color $style $xLarge[size],apparel_size=$xLarge[size]</td>";
} else if (count($rows) == 5 && $rows[0]['size'] = "XX-Small") {
    $xxSmall = $rows[0];
    $xSmall = $rows[1];
    $small = $rows[2];
    $medium = $rows[3];
    $large = $rows[4];
    $configField = "<td>sku=$color $style $xxSmall[size],apparel_size=$xxSmall[size]|sku=$color $style $xSmall[size],apparel_size=$xSmall[size]|sku=$color $style $small[size],apparel_size=$small[size]|sku=$color $style $medium[size],apparel_size=$medium[size]|sku=$color $style $large[size],apparel_size=$large[size]</td>";
} else if (count($rows) == 4 && $rows[0]['size'] = "XX-Small") {
    $xxSmall = $rows[0];
    $xSmall = $rows[1];
    $small = $rows[2];
    $medium = $rows[3];
    $configField = "<td>sku=$color $style $xxSmall[size],apparel_size=$xxSmall[size]|sku=$color $style $xSmall[size],apparel_size=$xSmall[size]|sku=$color $style $small[size],apparel_size=$small[size]|sku=$color $style $medium[size],apparel_size=$medium[size]</td>";
} else if (count($rows) == 4 && $rows[0]['size'] = "X-Small") {
    $xSmall = $rows[0];
    $small = $rows[1];
    $medium = $rows[2];
    $large = $rows[3];
    $configField = "<td>sku=$color $style $xSmall[size],apparel_size=$xSmall[size]|sku=$color $style $small[size],apparel_size=$small[size]|sku=$color $style $medium[size],apparel_size=$medium[size]|sku=$color $style $large[size],apparel_size=$large[size]</td>";
} else if (count($rows) == 4 && $rows[0]['size'] = "Small") {
    $small = $rows[0];
    $medium = $rows[1];
    $large = $rows[2];
    $xLarge = $rows[3];
    $configField = "<td>sku=$color $style $small[size],apparel_size=$small[size]|sku=$color $style $medium[size],apparel_size=$medium[size]|sku=$color $style $large[size],apparel_size=$large[size]|sku=$color $style $xLarge[size],apparel_size=$xLarge[size]</td>";
} else {
    $small = $rows[0];
    $medium = $rows[1];
    $large = $rows[2];
    $configField = "<td>sku=$color $style $small[size],apparel_size=$small[size]|sku=$color $style $medium[size],apparel_size=$medium[size]|sku=$color $style $large[size],apparel_size=$large[size]</td>";
};

I've triple checked everything and I'm really at a loss right now.

  • 4
    Look at `$rows[0]['size'] = "XX-Small"`. – chris85 Oct 23 '17 at 16:54
  • 5
    **WARNING**: This has some severe [SQL injection bugs](http://bobby-tables.com/) because user data is used inside the query. Whenever possible use **prepared statements**. These are quite straightforward to do in [`mysqli`](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and [PDO](http://php.net/manual/en/pdo.prepared-statements.php) where any user-supplied data is specified with a `?` or `:name` indicator that’s later populated using `bind_param` or `execute` depending on which one you’re using. **NEVER** put `$_POST`, `$_GET` or any user data directly in your query. – tadman Oct 23 '17 at 16:56
  • @chris85 if it's the parameter needed for the if statement, why would that declare `$rows[0]['size']` as `XX-Small`? – Brian Pluhar Oct 23 '17 at 16:56
  • 4
    `=` is an assignment, `==` and `===` compare. See the dup. – chris85 Oct 23 '17 at 16:57
  • @tadman What are you talking about? – Brian Pluhar Oct 23 '17 at 16:58
  • 2
    tadman is talking about Little Bobby Tables: https://xkcd.com/327/. (The code in the question shows a variable `$modelcode` being included in the SQL text, and we have no way of knowing if `$modelcode` is safe for inclusion. Consider what happens if `$modelcode` evaluates to `"60 OR 1=1"`.) – spencer7593 Oct 23 '17 at 17:00
  • 1
    @chris85 Can get confusing when you're doing SQL where `=` is comparison and PHP where that's assignment both in the same script. – tadman Oct 23 '17 at 17:10
  • @spencer7593 Ahh okay, yeah I realize I didn't include the code for that but it doesn't come straight from a textfield. – Brian Pluhar Oct 23 '17 at 17:11
  • @tadman True, I should have specified in PHP. – chris85 Oct 23 '17 at 17:14
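
The two fixes raised in the comments, combined in one added example (not code from the question or from any commenter): a bound parameter for `$modelcode` and `===` in the size check. It assumes PDO with the SQLite driver so it runs against constructed in-memory rows; `rowsForModel` and `configField` are hypothetical helpers, and the loop generalises the question's if/else chain to any number of sizes.

```php
<?php
// Constructed sample rows in an in-memory SQLite database (assumption: pdo_sqlite is enabled).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE clothing (itemid INTEGER, color TEXT, style TEXT, size TEXT, modelcode INTEGER)");
$insert = $pdo->prepare("INSERT INTO clothing VALUES (?, ?, ?, ?, ?)");
foreach ([[21, 'Blue', 'Tank', 'Small', 60], [22, 'Blue', 'Tank', 'Medium', 60],
          [23, 'Blue', 'Tank', 'Large', 60], [30, 'Red', 'Tee', 'Small', 61]] as $r) {
    $insert->execute($r);
}

// Hypothetical helper: fetch the rows for one model code using a bound parameter.
function rowsForModel(PDO $pdo, string $modelcode): array {
    if (!ctype_digit($modelcode)) {   // reject anything that is not a plain run of digits
        return [];
    }
    $stmt = $pdo->prepare("SELECT color, style, size FROM clothing WHERE modelcode = :modelcode ORDER BY itemid");
    $stmt->bindValue(':modelcode', (int)$modelcode, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Hypothetical helper: build the config field from however many sizes came back.
function configField(array $rows): string {
    $parts = [];
    foreach ($rows as $row) {
        $label = htmlspecialchars("{$row['color']} {$row['style']} {$row['size']}");
        $size  = htmlspecialchars($row['size']);
        $parts[] = "sku=$label,apparel_size=$size";
    }
    return '<td>' . implode('|', $parts) . '</td>';
}

$rows = rowsForModel($pdo, '60');
// === compares; a single = here would assign to $rows[0]['size'] and always be truthy.
if (count($rows) === 3 && $rows[0]['size'] === 'Small') {
    echo configField($rows), PHP_EOL;
}
var_dump($rows[0]['size']);   // unchanged by the comparison above

// Contrast: the value from the comment thread, concatenated versus validated and bound.
$untrusted = '60 OR 1=1';
$concat = $pdo->query("SELECT size FROM clothing WHERE modelcode = $untrusted")->fetchAll();
var_dump(count($concat));                        // the OR clause becomes part of the SQL text
var_dump(count(rowsForModel($pdo, $untrusted))); // fails the digit check, so no query is run
```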
