0

I've been successfully rewriting an old web app to use PDO instead of MDB2, but have hit a snag with this query. Going of of this documentation here: https://www.php.net/manual/en/pdostatement.execute.php It looks like my script is technically written correctly, but the old query formatting causes a break at prepare(). INET_ATON() returns a numeric value of an IP Address according to mysql's official documentation. This the query output in the error log: My query = INSERT INTO accesslog (client_ip, contains_phi, entrypoint, module, userid, request_method, request_url, request_query, request_header, response_status, response_header, response_time) VALUES (INET_ATON(?),?<=>1,?,?,?,?,?,?,?,?,?,?)

Thank you everyone for the help thus far. I found out that INET_ATON() was not being recognized anymore. Also, query was being built with a string without quotation marks, thus breaking the syntax.

 $entry = array(
            'client_ip' => $this->clientIP(),
            'contains_phi' => $contains_phi,
            'entrypoint' => 'orderportal',
            'module' => $this->action[1],
            'userid' => $this->user->id,
            'request_method' => $_SERVER['REQUEST_METHOD'],
            'request_url' => $_SERVER['REQUEST_URI'],
            'request_query' => (count($request_query)) ? json_encode($request_query) : null,
            'request_header' => json_encode(apache_request_headers()),
            'response_status' => $response_code,
            'response_header' => json_encode(apache_response_headers()),
            'response_time' => $response_time,
        );

        // INSERT log entry.
        $fields = implode(', ', array_keys($entry));
        $placeholders = rtrim(str_repeat("?,", count($entry)-2), ",");
        $values = array_values($entry);
        $query = "INSERT INTO accesslog ($fields) VALUES (INET_ATON(?),?<=>1,$placeholders)";

        $sth = $db->prepare($query);

        $sth->execute($values);

        return $db->lastInsertID();
Powermaster Prime
  • 85
  • 11
  • 1
    Causes a break? Please check [here](https://stackoverflow.com/questions/32648371/my-pdo-statement-doesnt-work) how to enable `PDO::ERRMODE_EXCEPTION`. – Álvaro González Feb 25 '22 at 18:13
  • 1
    It is on, but I don't think I have it logging correctly. Where would I put ``` trigger_error("PDO errorInfo: ".$dbh->errorInfo());``` in my code to output my failure point? – Powermaster Prime Feb 25 '22 at 18:40
  • I think you misunderstood `PDO::ERRMODE_EXCEPTION`. The whole point is that you don't need to display errors manually. Have you configured PHP itself to log or display errors? Can you see something if you run e.g. `1/0;`? – Álvaro González Feb 25 '22 at 18:42
  • 1
    I just need it to log to my apache output. I don't this PDO is configured correctly to do it though. Let me look into it. – Powermaster Prime Feb 25 '22 at 18:47
  • PHP **ALREADY** logs your errors. The whole point is that you don't need to log errors manually. – Your Common Sense Feb 25 '22 at 19:07

0 Answers0