Page 1 of 2
Update Funtion
Posted: Thu Dec 28, 2006 9:23 am
by psurrena
I have a simple update function that is made specifically for one situation, I would like it to be more versatile.
Currently:
Code: Select all
function updateContent($id, $table){
if(isset($_POST['save'])) {
$title = $_POST['title'];
$abstract = $_POST['abstract'];
$body = $_POST['body'];
if(!get_magic_quotes_gpc()) {
$title = addslashes($title);
$body = addslashes($body);
$abstract = addslashes($abstract);
}
$query = "UPDATE " . $table . " SET title = '$title', abstract='$abstract', body = '$body' WHERE id = '$id'";
mysql_query($query) or die('Error : ' . mysql_error());
}
}
In theory what I want to happen is to add all the rows to be affected in the beginning.
I'm making up the syntax but something like "function updateContent($id, $table, row[fname, lname]);" Each item in the row array would end up in $_POST and addslashes().
I hope this was clear.
Posted: Thu Dec 28, 2006 10:22 am
by dibyendrah
Not clear on
Code: Select all
function updateContent($id, $table, row[fname, lname])
What does row[fname, lname] means ? are they column names ?
Posted: Thu Dec 28, 2006 10:31 am
by psurrena
Sorry - I should have named it accordingly. In the code same above it would be row[title, abstract, body]
Posted: Thu Dec 28, 2006 11:01 am
by feyd
I'm not sure what your example function declaration is actually describing. Unless I understand wrong, the final declaration would be a maximum of three required arguments where the third is an array of named elements. Is this correct?
If so, I'm not sure I understand what the question is then.
Posted: Thu Dec 28, 2006 11:10 am
by psurrena
I'm probably butchering this but here's the idea:
Code: Select all
function updateContent($id, $table, $data['title', 'abstract', 'body']){
if(isset($_POST['save'])) {
$data = $_POST['data'];
$query = "UPDATE " . $table . " SET data[] = '$data[]'";
mysql_query($query) or die('Error: ' . mysql_error());
}
}
titile, abstract, body are all rows
Posted: Thu Dec 28, 2006 11:39 am
by feyd
I'm still unsure of what you're trying to do.
It would appear you are wishing to use the key-value pairs of an array to fill out the query. For this I often use
empty() +
array_keys() +
array_values() +
implode().
Posted: Fri Dec 29, 2006 1:34 am
by volka
Please describe exactly but without code what you're trying to achieve.
Posted: Fri Dec 29, 2006 7:07 pm
by psurrena
I want to be able to use the function to update all the fields in the database declared in parentheses, whether it's one or eight or twenty.
Posted: Fri Dec 29, 2006 7:19 pm
by volka
Maybe something like
Code: Select all
function updateContent($id, $table, $data) {
$pairs=array();
foreach($data as $name=>$value) {
$pairs[] = "`$name`='" . mysql_real_escape_string($value) . "'";
}
$query = 'UPDATE ... ' . join(',', $pairs);
echo $query;
}
$fields = array(
'field1'=>'valueA',
'field2'=>'valueB',
'field3'=>'valueC'
);
updateContent(1, 'myTable', $fields);
Posted: Mon Jan 01, 2007 12:15 pm
by psurrena
Code: Select all
<?php
function updateContent($id, $table, $data) {
$pairs=array();
foreach($data as $name=>$value) {
$pairs[] = "$name ='{\$_POST['" . mysql_real_escape_string($value) . "']}'";
}
if(isset($_POST['update'])) {
$query = "UPDATE $table SET " . implode(", ",$pairs) . " WHERE id='$id'";
mysql_query($query) or die (mysql_error());
echo $query;
}
}
?>
I get this error
Code: Select all
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '19103']}', city ='{$_POST['Philadelphia']}' WHERE id='1'' at line 1
Is it not putting
'{$_POST[' infront of the first item? The same as when you use the implode function?
Posted: Mon Jan 01, 2007 12:43 pm
by volka
psurrena wrote:Is it not putting '{$_POST[' infront of the first item?
Obviously not. Why should you?
Posted: Mon Jan 01, 2007 1:07 pm
by Ollie Saunders
Code: Select all
$pairs[] = "$name ='{\$_POST['" . mysql_real_escape_string($value) . "']}'";
wtf is that?!
May I suggest:
Code: Select all
$pairs[] = "$name ='" . mysql_real_escape_string($_POST[$value]) . "'";
Posted: Mon Jan 01, 2007 1:11 pm
by psurrena
Then what is the best way to go about posting it?
The code right now ends up being this:
Code: Select all
"UPDATE table SET city ='{$_POST['Philadelphia']}' WHERE id='1'"
which seems right to me.
Posted: Mon Jan 01, 2007 1:24 pm
by volka
All right. It sets exactly one field in the record and therefore has nothing to do with
psurrena wrote:I want to be able to use the function to update all the fields in the database declared in parentheses, whether it's one or eight or twenty.
but if it solves your problem and you're happy so are we

Posted: Mon Jan 01, 2007 1:54 pm
by Ollie Saunders
You realize you are setting city field to the literal string
'{$_POST['Philadelphia']}'.
Its not using the value in $_POST.
By which I mean, when you query that record and field back again you will get
'{$_POST['Philadelphia']}'. If that is what you want (its not impossible, but unlikely) we are all happy.
