2

I have created a table on a wordpress database, This database table should have 2 columns.

One for postcode and one for a URL

If the postcode is found in the database, redirect to the corresponding URL

I am inserting rows from my plugin but I cannot select from this table.

Select return always error.

The insert that is working this is the action.php`

this is the form with shortcode

<?php

if ( !defined( 'ABSPATH' ) ) exit;

register_activation_hook( __FILE__, "activate_myplugin" );
register_deactivation_hook( __FILE__, "deactivate_myplugin" );


function activate_myplugin() {
    init_db_myplugin();
}


function postcode_form_function() { 
?>
        <form  method="GET" action="<?php echo plugins_url('action.php', __FILE__ ); ?>">
    <label>postcode</label><input type="text" pattern="[0-9]{5}" title="Five digit zip code" />
    <button name="submit">submit</button>
    </form>
<?php
} 

// register shortcode
add_shortcode('postcode_form', 'postcode_form_function'); 
?>

When I try to select from this table I am taking nothing

<?php  require('../../../wp-blog-header.php');

if(isset($_POST['submit']))
{
    $postcode = $_POST['postcode'];
    // search in all table columns
    $query = "SELECT url 
    FROM wp_4_customer
    WHERE $postcode =postcode 
    ";
    $search_result = submit($query);
    
} else {
   echo 'error';
}

// function to connect and execute the query
function submit($query)
{
    global  $wpdb ;
    $search_result = $wpdb->get_results($query);
    foreach($search_result as $row){`enter code here`
        header('Location: '.$row['url']);
    }
}
?>
marwa
  • 43
  • 4
  • 2
    Assuming your postcode value is not purely numeric, then this is obviously missing the quotes. And this is totally lacking any SQL injection prevention. – CBroe Jun 20 '22 at 13:45
  • `WHERE $postcode =postcode` is wrong and needs to be swapped to `WHERE postcode = '$postcode' ` – Markus Zeller Jun 20 '22 at 13:45
  • @MarkusZeller no, SQL does not really care about that. `columname = value` and `value = columname` are the same thing. – CBroe Jun 20 '22 at 13:47
  • Tidy code demonstrates the possibility of a logical mind :) – RiggsFolly Jun 20 '22 at 13:55
  • please see - https://stackoverflow.com/questions/601300/what-is-sql-injection. the only protection you have from this is the pattern set on the input, which doesn't prevent raw submission of values like `'' OR 1` from being submitted. Which can easily be done using something like postman or any rest client. see also https://developer.wordpress.org/reference/classes/wpdb/prepare/ – ArtisticPhoenix Jun 20 '22 at 14:16
  • Take your raw SQL and dump it out, then run that through a SQL tool such as phpMyAdmin to see what it does and if it provides the results you expect. Also, consider using the [more OOP-like version](https://developer.wordpress.org/reference/classes/wpdb/#select-a-row) of the query builder which gets you some SQL protection. And, you `submit` code doesn't return anything, however you are calling it as if it does. Are you expecting multiple results, because otherwise `foreach` doesn't make sense either. – Chris Haas Jun 20 '22 at 14:16
  • Can you provide the exact SQL query that produces the error (via `print $query;`)? – Jared Jun 20 '22 at 17:43

0 Answers0