Codeigniter query error: Undefine offset 1

Question

I am simply run a query inside my model code mention below:

public function friend($name)
{
    $arr = explode(" ",$name);
    $fname = $arr[0];
    $lname = $arr[1];

    $this->db->select('*');
    $this->db->from('client');
    $where = "fname='".$fname."' and lname='".$lname."'";
    $this->db->where($where);
    $sql = $this->db->get();
    if($sql->num_rows() > 0)
    {
        $result = $sql->result_array();
        return $result;
    }
    else
    {
        $this->session->set_userdata('err','<p style="color:red;">No information found!</p>');
    }
}

Suppose $name='Jhon Carter' and I use explode function to get firstname & lastname. I have two columns in my table i.e fname and lname. I want to get data according to these columns So How can I do this? Please help me.

Thank You

Where is $name coming from? A form input? – TimBrownlaw Jun 26 '19 at 10:49 — TimBrownlaw, Jun 26 '19 at 10:49

Alive to die - Anant · Accepted Answer · 2019-06-26T11:04:17.020

You need to use isset()

$arr = explode(" ",$name);
$fname = (isset($arr[0]) ? $arr[0] :'');
$lname = (isset($arr[1]) ? $arr[1] :'');

And prevent code from SQL INJECTION:

public function friend($name)
{
    $arr = explode(" ",$name);
    $fname = (isset($arr[0]) ? $arr[0] :'');
    $lname = (isset($arr[1]) ? $arr[1] :'');

    if(!empty($fname) && !empty($lname)){

        $sql = "SELECT * FROM client WHERE fname = ? AND lname= ?"; 
        $this->db->query($sql, array($fname, $lname));

    }else if(!empty($fname) && empty($lname)){

        $sql = "SELECT * FROM client WHERE fname = ?"; 
        $this->db->query($sql, array($fname));

    }else if(empty($fname) && !empty($lname)){

        $sql = "SELECT * FROM client WHERE lname= ?"; 
        $this->db->query($sql, array($lname));

    }
    $sql = $this->db->get($query);

    if($sql->num_rows() > 0)
    {
        $result = $sql->result_array();
        return $result;
    }
    else
    {
        $this->session->set_userdata('err','<p style="color:red;">No information found!</p>');
    }
}

Where clause should be parametized. This is open to SQL injection. — Dharman, Jun 26 '19 at 10:55

Codeigniter query error: Undefine offset 1

1 Answers1