I'm new to CodeIgniter and I'm struggling with the Active Record Class and the apostrophes it adds to my query:
This is the query that CodeIgniter outputs (Via enable_profiler):
SELECT `login`.`idlogin`, `login`.`username`, `login`.`password`
FROM (`login`, `pessoa`)
WHERE `login`.`username` = 'user1'
AND `login`.`password` = 'pass1'
AND `pessoa`.`nBI` = 'login.pessoa_nBI'
LIMIT 1
user1 and pass1 are strings from a login form (ignore the password in plain cleartext). This produces 0 results.
However the correct query, i.e., the result I want is:
SELECT `login`.`idlogin` , `login`.`username` , `login`.`password`
FROM (`login` , `pessoa`)
WHERE `login`.`username` = 'user1'
AND `login`.`password` = 'pass1'
AND `pessoa`.`nBI` = login.pessoa_nBI
LIMIT 1
Only difference is the penultimate line, login.pessoa_nBI isn't surrounded by an apostrophe.
Which produces out one result, as it should. Database is MySQL.
Edit: Here is Active Record code:
$this -> db -> select('login.idlogin, login.username, login.password');
$this -> db -> from('login,pessoa);
$this -> db -> where('login.username', $username);
$this -> db -> where('login.password', $password);
$this -> db -> where('pessoa.nBI', login.pessoa_nBI');
$this -> db -> limit(1);
What am I doing wrong?
Thanks
Activerecord where provides a parameter so codigniter does not escape your data
$this->db->where() accepts an optional third parameter.
// If you set it to FALSE, CodeIgniter will not try to protect your field or
// table names with backticks.
$this->db->where('MATCH (field) AGAINST ("value")', NULL, FALSE);
You can use a join though for your query
$this->db->select('l.idLogin, l.username, l.password');
$this->db->from('login AS l');
$this->db->join('pessoa', 'pessoa.nBI = l.pessoa_nBI');
$this->db->where('l.username', 'usernam');
etc..