I'm upgrading an old Moodle plugin that was originally written for a Moodle 2.0 site and runs on a MS SQL Server 2016 database using the SQLSRV PHP driver.
One particular piece of code has me stumped:
$user_details = $DB->get_record_sql("
SELECT * FROM mdl_user WHERE id = (SELECT TOP 1 userid FROM mdl_user_info_data
JOIN mdl_user_info_field ON mdl_user_info_field.id=mdl_user_info_data.fieldid
WHERE SUBSTRING(master.dbo.fn_varbintohexstr(HashBytes('MD5',CONVERT(varchar,data))), 3, 32) = '$partyid' AND shortname = 'partyid')
");
SELECT * FROM mdl_user WHERE id = (SELECT TOP 1 userid FROM mdl_user_info_data
JOIN mdl_user_info_field ON mdl_user_info_field.id=mdl_user_info_data.fieldid
WHERE SUBSTRING(master.dbo.fn_varbintohexstr(HashBytes('MD5',CONVERT(varchar,data))), 3, 32) = '$partyid' AND shortname = 'partyid')
");
The Moodle site has a custom profile field called "partyid" and the above code does a SELECT * query on the mdl_user table where the "partyid" custom profile field has a certain value. "partyid" is passed to Moodle as a MD5 hash of a short numeric number, 123987 in the above code.