  function read($tbl,$keys = array(), $sort = array(), $limit = '', $assoc = array()) {
   $sql = 'SELECT * FROM `'.$this->prefix.$tbl.'`';
    if (count($keys)>0) {
      $where = '';
      foreach ($keys as $k => $v) {
        if ($where != '') $where .= ' AND ';
        $where .= '`'.$k.'`="'.(mysqli_real_escape_string($this->fhawdb, $v)).'"';
      }
      $sql .= ' WHERE '.$where;
    }
    if (count($sort)>1) {
      $sorting = '';
      foreach ($sort as $s) {
        if ($sorting!='') $sorting.=',';
        $sorting .= $s;
      }
      $sql .= ' ORDER BY '.$sorting;
    }
        echo $sql;
    if ($limit != '') {
      $sql .= ' LIMIT '.$limit;
    }
    $res = mysqli_query($this->fhawkdb, $sql);
        //printf("Select returned %d rows.\n", mysqli_num_rows($res));
    if (!$res) { die('query failed: '.$sql); }
    $result = array();
    while ($row = mysqli_fetch_assoc($this->fhawkdb, $res)) {
      if (count($assoc)) { /* maybe there is a better way to do this? */
        $str = '$result';
        foreach ($assoc as $k) {
          $str .= '[\''.$row[$k].'\']';
        }
        $str .= '=$row;';
        eval($str);
      } else {
        $result[] = $row;
      }
    }
    mysqli_free_result($this->fhawkdb, $res);
    return $result;
  }

When I call it using PHP 7.2, I'm expecting the var_dump in another portion of the code called "Banned":

  function banned() {
    global $_SERVER;

    $banned = $this->db->read('banned',array(),array('priority'));
    /* now check if the ip has been banned display the banned template */
        var_dump($banned);
    foreach ($banned as $row) {
      if ($this->matchIP($_SERVER['REMOTE_ADDR'],$row['ip'])) {
        return $row['access'];
      }
    }
    /* no match has been found */
    return 'deny';
  }

I'm expecting the var dump to return something like this:

array(2) { [0]=> array(4) { ["id"]=> string(1) "1" ["ip"]=> string(9) "127.0.0.1" ["access"]=> string(5) "allow" ["priority"]=> string(1) "1" } [1]=> array(4) { ["id"]=> string(1) "2" ["ip"]=> string(9) "0.0.0.0/0" ["access"]=> string(5) "allow" ["priority"]=> string(7) "9999999" } } 

But I keep getting this:

array(0) { }

I've tried researching the answers in the PHP documentation, but this has been bugging me for 2 weeks. I need this to return the rows in the table in the database, but it's drawing blanks.

I changed the controls to instantly allow all requests, and the application functions properly, but I'd like some help.

Thank you

  • 3
    Did you try to debug inside the read() function then? Have you got php and mysqli error reporting enabled? We cannot run the code or see your database so you'll need to pinpoint an error or bug more precisely than that before we can be of much help. – ADyson Aug 30 '23 at 22:36
  • 1
    **Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/32391315) – Dharman Aug 30 '23 at 23:56
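
The prepared-statement approach named in the comment above, sketched as an added example that is not part of the original question or its comments: a variant of `read()` that binds values as parameters, validates identifiers against a strict pattern, and builds the nested result without `eval()`. The names `safe_read` and `ident` are hypothetical, `get_result()` assumes the mysqlnd driver, and sort entries are assumed to be bare column names.

```php
<?php
// Added example. safe_read() and ident() are hypothetical names, not the asker's code.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw instead of failing quietly

function ident(string $name): string {
    // Identifiers cannot be bound as parameters, so accept only a strict pattern.
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name)) {
        throw new InvalidArgumentException("bad identifier: $name");
    }
    return '`' . $name . '`';
}

function safe_read(mysqli $db, string $prefix, string $tbl, array $keys = [],
                   array $sort = [], ?int $limit = null, array $assoc = []): array {
    $sql = 'SELECT * FROM ' . ident($prefix . $tbl);
    $where = [];
    foreach (array_keys($keys) as $col) {
        $where[] = ident($col) . ' = ?';      // value travels separately from the SQL text
    }
    if ($where) $sql .= ' WHERE ' . implode(' AND ', $where);
    if ($sort)  $sql .= ' ORDER BY ' . implode(', ', array_map('ident', $sort));
    if ($limit !== null) $sql .= ' LIMIT ' . $limit;  // typed int, nothing to escape

    $stmt = $db->prepare($sql);
    if ($keys) {
        $vals = array_values($keys);
        $stmt->bind_param(str_repeat('s', count($vals)), ...$vals);
    }
    $stmt->execute();
    $res = $stmt->get_result();               // assumption: mysqlnd is available

    $result = [];
    while ($row = $res->fetch_assoc()) {      // fetch_assoc() takes only the result
        if (!$assoc) { $result[] = $row; continue; }
        $ref = &$result;                      // walk nested keys by reference, no eval()
        foreach ($assoc as $k) {
            $ref = &$ref[$row[$k]];           // row data is used as a key, never as code
        }
        $ref = $row;
        unset($ref);
    }
    $res->free();
    return $result;
}
```

With strict mysqli reporting enabled, a bad connection handle or a malformed query raises an exception at the failing call rather than producing an empty result.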
