StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POSQL query consistently selects a non-matching row
primarykey
Id
18644262
data
AcceptedAnswerId
18646094
AnswerCount
2
ClosedDate
CommentCount
13
CommunityOwnedDate
CreationDate
2013-09-05T19:19:25.490
FavoriteCount
0
LastActivityDate
2013-09-05T21:24:19.483
LastEditDate
LastEditorUserId
0
OwnerUserId
2697542
ParentId
0
PostTypeId
1
Score
2
ViewCount
148
LastEditorDisplayName
text
Body
I'm storing an md5 hash in both a cookie and a database. I have a function, <code>validate_cookie()</code>, that reads this cookie and queries the database to find the user associated with this hash. <code>validate_cookie()</code> calls another function <code>get_user_data()</code> to do the actual querying.<code>get_user_data()</code> gets called by a few other functions and scripts, so the query it sends is pretty general. Here's the function: <pre><code>function get_user_data($info,$password=Null,$source=Null) { if(!$source) { $query = "SELECT * FROM `users` WHERE `id` = '".mysql_real_escape_string($info)."' OR `email` = '".mysql_real_escape_string($info)."' OR `cookie`='".mysql_real_escape_string($info)."'"; //Check to see if $info matches any column } else { $query = "SELECT * FROM `users` WHERE `".mysql_real_escape_string($source)."_token` ='".mysql_real_escape_string($info)."'";} //we got a social token $result = mysql_query($query); if($result) { $row = mysql_fetch_array($result); if($password) { if(crypt($password, $row['password']) == $row['password']) //password matching { return $row; } else {return "Password does not match!";} } else { return $row; } } else { return "Could not get result from database!";} } </code></pre> The important query in this case is inside of the <code>if(!source){}</code> block. With the way <code>validate_cookie()</code> calls <code>get_user_data()</code> this query becomes (and I have tested that it does become this): <pre><code>SELECT * FROM `users` WHERE `id` = '8sd8sdvsasdliwerhnbzo823' OR `email`='8sd8sdvsasdliwerhnbzo823' OR `cookie`='8sd8sdvsasdliwerhnbzo823' </code></pre> Because <code>id</code> is an int field and everything in <code>email</code> goes through validation, the only row that should be selected from this query are those with a matching <code>cookie</code> field. However, whether calling this query from a PHP script or manually from PHPMyAdmin, this will always select both the target row and one other: a test case that only has <code>NULL</code> in it's <code>cookie</code> field. Changing the hash slightly (so that it shouldn't be matching anything at all) still selects this same test case. Is my query malformed in a way I don't grasp? Are there some arcane uses of <code>OR</code> that allows <code>NULL</code> fields to be matched? Any help would be appreciated. P.S. Before I get told that I should really be using <code>mysqli</code>, yes, I know that. <code>mysql</code> is the boss's orders.
Tags
<php><mysql><sql>
Title
SQL query consistently selects a non-matching row
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USKOMON
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POSQL query consistently selects a non-matching row
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 POSQL query consistently selects a non-matching row
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.