We have moved our forum to GitHub Discussions. For questions about Phalcon v3/v4/v5 you can visit here and for Phalcon v6 here.

Phalcon Mysql scanning error

When executing this following code on my website

$login = $this->cookies->get('login');

$loggedinas = $login->getValue();

$user = Users::findFirst("username = '" . $loggedinas . "'");

The following error is thrown at me:

PhalconException: Scanning error before 'pentacore...' when parsing: SELECT [Users].* FROM [Users] WHERE username = 'pentacore (89)

And i cant really seem to get my head around it, The code snippet worked in another Controller, but not here.

Any ideas?



98.9k
Accepted
answer
edited Oct '14

Use the ORM that way could expose your application to SQL injections, you can better write:

$user = Users::findFirstByUsername($loggedinas);
$user = Users::findFirst(array("username = ?0", "bind" => array($loggedinas)));


2.8k

Thank you, that 2nd line worked perfectly, The 1st one didnt, might just be me thats stupid.



98.9k

I have fixed it :)



2.8k

ah, that worked much better, and i gotta say, going from using raw php to using phalcon sure is a relief :)



2.8k

I ran into another problem while doing this tho, when i try to fetch variables from $user i get

Trying to get property of non-object



98.9k

It means the record could not be found:

$user = Users::findFirstByUsername($loggedinas);
if (!$user) {
   echo "user does not exist";
}


2.8k
edited Oct '14

well, the thing is that it properly fetches "pentacore" from the cookie, and passes it to the model, and i'm 100% sure that the username exists, since when i use the same line of code on another page on the site i can fetch the values from $user



2.8k

hmm when i manually enter

$user = Users::findFirstByUsername("pentacore");

it works, however

$user = Users::findFirstByUsername($loggedinas);

does not seem to work, even if

echo $loggedinas;

returns pentacore....