t-variable error

janet287

Hi - I am trying to call a SQL stored procedure using PHP. I am getting a t-variable error on the line with my call statement. Can someone tell me what I am doing wrong? My code is below:

        if ($this->config->passtype === 'md5') {   // Re-format password accordingly
            $extpassword = md5($extpassword);
        } else if ($this->config->passtype === 'sha1') {
            $extpassword = sha1($extpassword);
        } else if ($this->config->passtype === 'pc') {   
			$extpassword = $authdb->query('call  sp_encrypt_text($extpassword, $extpassword)');
		}

Can someone help me?

NogDog

I don't get any such parse error, so the actual cause might be something earlier in the code (misplaced quote or such). However, I see a problem with the query() statement, in that you have your variables within a single-quoted string, so therefore they will not be interpolated.

janet287

Hi-

Thanks for the response. Just to be clear, are you saying I should take the quotes out?

I've attached the full php file below. Maybe someone can see what might be causing my problem? The error mentioned line 91, but I don't see anything unusual.

Thanks!

NogDog

In PHP, variables are not evaluated within a single-quoted string. You'll either need to use double-quotes, or else conatenation:

// double quotes:
$extpassword = $authdb->query("call sp_encrypt_text($extpassword, $extpassword)");
// concatenation:
$extpassword = $authdb->query('call sp_encrypt_text(' . $extpassword . ',' . $extpassword . ')');

NogDog

I'm not sure what was going on, but when I retyped that line as follows (with double-quotes now 😉 ), the parse error went away. Maybe there was some extraneous non-printing character in there?

         elseif($this->config->passtype === 'pc')
         {
            $extpassword = $authdb->query("call sp_encrypt_text($extpassword, $extpassword)");
         }

janet287

Thanks! That did the trick for my t-variable error.

But, I am still not getting what I need which is authentication into this program based on validating the password against the encrypted one in the stored procedure I am calling in the external SQL 2005 database. I am wondering if this might be because the call to the stored procedure comes before the connection to the external database in the file? Do you think that might be it? Any thoughts on how I could rearrange the logic to work?

NogDog

janet287 wrote:
...I am wondering if this might be because the call to the stored procedure comes before the connection to the external database in the file? Do you think that might be it?...

If that is the case, then that would definitely be a problem. The connection definitely needs to occur before the query.

janet287

I checked and the authentication call is actually before the call to the stored procedure, so I don't think that is the issue.

Now I am wondering if the variables for my stored procedure are not defined correctly and therefore aren't pulling the results. If I run the command:
"sp_encrypt_text password, @returnencrypted"
in SQL, I get a statement that the command was completed successfully, but no encrpyted password displays.

If I execute the stored procedure using SQL functions, here is the logic it creates:
DECLARE @return_value int,
@return_encrypted varchar(255)

EXEC @return_value = [dbo].[sp_encrypt_text]
@unencrypted = N'password',
@return_encrypted = @return_encrypted OUTPUT

SELECT @return_encrypted as N'@return_encrypted'

SELECT 'Return Value' = @return_value

Based on this, should my call to the stored procedure from PHP be phrased differently? Any suggestions?

I really appreciate the help!