[TYPO3-english] Re: how to: properly escape strings in 4.5.30?

Calgacus map Brude calgach at gmail.com
Thu Nov 21 22:10:21 CET 2013

Hi Xavier,
Thanks for responding.
When I change my code like so :
     * action admin
     * @return void
    public function adminAction() {
        $postsvars =  t3lib_div::_POST();
        $prizes = $postsvars['tx_bingoprizes_bingofrontend']['prize'];
        foreach ($prizes as $key => $prize) {
            foreach ($prize as $field => $value) {
                //echo "Magic quotes is " . (get_magic_quotes_gpc() ? "ON" : "OFF");
               // echo strip_tags($value) ;die;
                $cleanedValues[$field] = $GLOBALS['TYPO3_DB']->quoteStr(strip_tags($value));// strip_tags($value);// mysql_real_escape_string(strip_tags($value));

I get this error:
Uncaught TYPO3 Exception
#1310027933: DBAL fatal error: No handler found in handler_getFromTableList() for: "" (SQL engine parse ERROR: No table name found as expected in parseFromTables()!: near " ") 

RuntimeException thrown in file
/home/typo3_src/typo3_src-4.5.30/typo3/sysext/dbal/class.ux_t3lib_db.php in line 3076. 

when execution hits the line with the call to $GLOBALS['TYPO3_DB']->quoteStr()
Are those DBAL methods still the way to go in v 4.5.30?

More information about the TYPO3-english mailing list