Update mysql database with an array(with a twist?)

[iarp]

 

my site editing page, allows the admin to change basic items like the sites name, copywrite name, rss feed url and to enable or disable the rss feed from showing on webpages.

 

Just after " if (empty($errors)) { " in the page below, it updates all the fields. and as you may notice, if someone sets the rrs enable to enable, it actully sets everything that uses this foreach to active. Is there a way to pick out only the rss feed url and allow me to enable/disable it?

$page_title = 'Edit Site';

require ('../includes/header.php');

if ($userlevel >= "9"){ //checks if the user is an admin, if not it skips everything below and forwards them to the login page.

require_once('../includes/mysql_connect.php');

if (isset($_POST['submitted'])) {
$errors = array();

if (empty($_POST['site_name'])) {
	$errors[] = 'You forgot to enter the sites name!';
} else {
	$sn = $_POST['site_name'];
	$sn1 = 'site_name';
}

if (empty($_POST['copyright'])) {
	$errors[] = 'You need the copyright';
} else {
	$cr = $_POST['copyright'];
	$rss = '1';
}

if ($_POST['rssfeed-radio'] == "enable") {
	$rss = "1";
} elseif ($_POST['rssfeed-radio'] == "disable") {
	$rss = "0";
} else {
	$errors[] = "Error, you screwed with mah code! Choose to enable or disable RSS Feed showing.";
}

if (empty($errors)) {
	foreach ($_POST as $k => $v) {
		if ($k != "submit" || $k != "submitted") {
		  mysql_query("UPDATE " . TBL_CONFIG . " SET config_value='$v', active='$rss' WHERE config_name='$k'");
		}
	}
	messages(4);
} else { //report the errors
	echo '<h1> Error</h1> <p class="error"> The following errors occured:<br />';
	foreach ($errors as $msg) { //print each error
		echo " - $msg<br />\n";
	}
	echo '</p><p>Plese try again.</p><p><br /></p>';
} // end of if(empty($errors)) if.
}//end of submit conditional.


// The query below grabs all the fields available in the database table, and assigns each row to $config[''];
$query = "SELECT config_name,config_value FROM " . TBL_CONFIG;
if ($result = mysql_query($query)) {
  if (mysql_num_rows($result)) {
    while ($row = mysql_fetch_assoc($result)) {
      $config[$row['config_name']] = $row['config_value'];
    }
  }
}
// You now have an associative array containing your config information.
// You can print a single value. eg;
//echo $config['copyright'] . '<br />';

// I kept this here, because if i ever wanted to... for some reason... print out all the fields without formating.
/*foreach ($config as $k => $v) {
  echo '<label>' . $k . '</label> = <input type="text" name="$k" value="' . $v . '" /><br />';
} */

echo '<h3> Site Config </h3>
<form action="config.php" class="config" method="post">
	<label>Site Name:</label> <input class="config-input" type="text" name="site_name" value="' . $config['site_name'] . '" /><br />
	<label>Copyright:</label> <input class="config-input" type="text" name="copyright" value="' . $config['copyright'] . '" /><br />
	<label>RSS Feed:</label> <input class="config-input" type="text" name="rss_feed_url" value="' . $config['rss_feed_url'] . '" /> <input type="radio" name="rssfeed-radio" value="enable"> Enable  <input type="radio" name="rssfeed-radio" value="disable"> Disable <br />
	<input type="submit" name="submit" value="Submit" />
	<input type="hidden" name="submitted" value="TRUE" />
</form>';

require('../includes/footer.php');

} else { //end the admin checking, if the are not an admin, the script below forwards them to the login page.
		// Start defining the URL.
		$url = 'http://' . $_SERVER['HTTP_HOST'];
		// Check for a trailing slash.
		if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
			$url = substr ($url, 0, -1); // Chop off the slash.
		}
		// Add the page.
		$url .= '/login.php';

		header("Location: $url");
		exit(); // Quit the script.

}
?>