Page 1 of 2

Update Funtion

Posted: Thu Dec 28, 2006 9:23 am
by psurrena
I have a simple update function that is made specifically for one situation, I would like it to be more versatile.

Currently:

Code: Select all

function updateContent($id, $table){
	if(isset($_POST['save'])) {
		$title    = $_POST['title'];
		$abstract = $_POST['abstract'];
		$body     = $_POST['body'];

		if(!get_magic_quotes_gpc()) {
			$title    = addslashes($title);
			$body     = addslashes($body);
			$abstract = addslashes($abstract);
		}
		
		$query = "UPDATE " . $table . " SET title = '$title', abstract='$abstract', body = '$body' WHERE id = '$id'";
 		mysql_query($query) or die('Error : ' . mysql_error());
	}
}
In theory what I want to happen is to add all the rows to be affected in the beginning.
I'm making up the syntax but something like "function updateContent($id, $table, row[fname, lname]);" Each item in the row array would end up in $_POST and addslashes().

I hope this was clear.

Posted: Thu Dec 28, 2006 10:22 am
by dibyendrah
Not clear on

Code: Select all

function updateContent($id, $table, row[fname, lname])
What does row[fname, lname] means ? are they column names ?

Posted: Thu Dec 28, 2006 10:31 am
by psurrena
Sorry - I should have named it accordingly. In the code same above it would be row[title, abstract, body]

Posted: Thu Dec 28, 2006 11:01 am
by feyd
I'm not sure what your example function declaration is actually describing. Unless I understand wrong, the final declaration would be a maximum of three required arguments where the third is an array of named elements. Is this correct?

If so, I'm not sure I understand what the question is then.

Posted: Thu Dec 28, 2006 11:10 am
by psurrena
I'm probably butchering this but here's the idea:

Code: Select all

function updateContent($id, $table, $data['title', 'abstract', 'body']){ 
        if(isset($_POST['save'])) { 
                $data = $_POST['data']; 
                
                $query = "UPDATE " . $table . " SET data[] = '$data[]'"; 
               mysql_query($query) or die('Error: ' . mysql_error()); 
        } 
}
titile, abstract, body are all rows

Posted: Thu Dec 28, 2006 11:39 am
by feyd
I'm still unsure of what you're trying to do.

It would appear you are wishing to use the key-value pairs of an array to fill out the query. For this I often use empty() + array_keys() + array_values() + implode().

Posted: Fri Dec 29, 2006 1:34 am
by volka
Please describe exactly but without code what you're trying to achieve.

Posted: Fri Dec 29, 2006 7:07 pm
by psurrena
I want to be able to use the function to update all the fields in the database declared in parentheses, whether it's one or eight or twenty.

Posted: Fri Dec 29, 2006 7:19 pm
by volka
Maybe something like

Code: Select all

function updateContent($id, $table, $data) {
	
	$pairs=array();
	foreach($data as $name=>$value) {
		$pairs[] = "`$name`='" . mysql_real_escape_string($value) . "'";
	} 
	
	$query = 'UPDATE ... ' . join(',', $pairs);
	echo $query;
}

$fields = array(
		'field1'=>'valueA',
		'field2'=>'valueB',
		'field3'=>'valueC'
	);
updateContent(1, 'myTable', $fields);

Posted: Mon Jan 01, 2007 12:15 pm
by psurrena

Code: Select all

<?php	
	function updateContent($id, $table, $data) { 
		$pairs=array(); 
				
		foreach($data as $name=>$value) {
            $pairs[] = "$name ='{\$_POST['" . mysql_real_escape_string($value) . "']}'"; 
		}
		
		if(isset($_POST['update'])) {								
			$query = "UPDATE $table  SET " . implode(", ",$pairs) . " WHERE id='$id'"; 
			mysql_query($query) or die (mysql_error());
			echo $query; 
		}
	}	
?>
I get this error

Code: Select all

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '19103']}', city ='{$_POST['Philadelphia']}' WHERE id='1'' at line 1
Is it not putting '{$_POST[' infront of the first item? The same as when you use the implode function?

Posted: Mon Jan 01, 2007 12:43 pm
by volka
psurrena wrote:Is it not putting '{$_POST[' infront of the first item?
Obviously not. Why should you?

Posted: Mon Jan 01, 2007 1:07 pm
by Ollie Saunders

Code: Select all

$pairs[] = "$name ='{\$_POST['" . mysql_real_escape_string($value) . "']}'";
wtf is that?!

May I suggest:

Code: Select all

$pairs[] = "$name  ='" . mysql_real_escape_string($_POST[$value]) . "'";

Posted: Mon Jan 01, 2007 1:11 pm
by psurrena
Then what is the best way to go about posting it?

The code right now ends up being this:

Code: Select all

"UPDATE table  SET city ='{$_POST['Philadelphia']}' WHERE id='1'"
which seems right to me.

Posted: Mon Jan 01, 2007 1:24 pm
by volka
All right. It sets exactly one field in the record and therefore has nothing to do with
psurrena wrote:I want to be able to use the function to update all the fields in the database declared in parentheses, whether it's one or eight or twenty.
but if it solves your problem and you're happy so are we ;)

Posted: Mon Jan 01, 2007 1:54 pm
by Ollie Saunders
You realize you are setting city field to the literal string '{$_POST['Philadelphia']}'.
Its not using the value in $_POST.

By which I mean, when you query that record and field back again you will get '{$_POST['Philadelphia']}'. If that is what you want (its not impossible, but unlikely) we are all happy. :)