Hey Guys,
Could anyone tell me what is wrong with this Line?
$criteria->condition = 'status='.Comment::STATUS_APPROVED AND 'postId='.$post->Id;
I get all approved Comments in every Post, so it is not as it should be.
many thanks
sebi
Hey Guys,
Could anyone tell me what is wrong with this Line?
$criteria->condition = 'status='.Comment::STATUS_APPROVED AND 'postId='.$post->Id;
I get all approved Comments in every Post, so it is not as it should be.
many thanks
sebi
I don’t believe you can effectively make a query statement like you have there. In fact I’m willing to bet the error part is this: Comment::STATUS_APPROVED AND
If you intended for a . after approved it still probably wouldn’t work. To define multiple conditions you should follow a format like so:
$conditions=array();
$conditions[]='status='. Comment::STATUS_APPROVED;
$conditions[]='postId='. $post->Id;
//$conditions[]='...';
//$conditions[]='...';
//$conditions[]='...';
$criteria->condition = implode(' AND ',$conditions);
That should do it.
Now you can use status=? and then reference to the value or use the : instead of ? like so
$criteria->condition = "site_code = :site_code";
$criteria->params = array(’:site_code’ => $_GET[‘site_code’]);
Hope that helps 
That helps, thank you.
$criteria->condition = 'status = ' . Comment::STATUS_APPROVED . ' AND postId = '.$post->Id;
Another way to prevent injection:
$criteria->condition = 'status=:status and postId= :postId';
$criteria->params = array('status' => Comment::STATUS_APPROVED, 'postId' => $post->Id);