Bravat Posted March 24, 2011 Share Posted March 24, 2011 I found class on the net, and i am having a bit of a problem to understand how does update method works. Here is the code: public function update() { global $database; // Don't forget your SQL syntax and good habits: // - UPDATE table SET key='value', key='value' WHERE condition // - single-quotes around all values // - escape all values to prevent SQL injection $attributes = $this->sanitized_attributes(); $attribute_pairs = array(); foreach($attributes as $key => $value) { $attribute_pairs[] = "{$key}='{$value}'"; } $sql = "UPDATE ".self::$table_name." SET "; $sql .= join(", ", $attribute_pairs); $sql .= " WHERE id=". $database->escape_value($this->id); $database->query($sql); return ($database->affected_rows() == 1) ? true : false; } I have form like this to deal with update: <form action="index.php?page=languages" enctype="multipart/form-data" method="POST"> <?php foreach($language as $lang){ ?> <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>" /> <label>Jezik</label><input type="text" size="50" name="language" value="<?php echo $lang->lang; ?>" /><br> <input type="hidden" name="id_lang" value="<?php echo $lang->id_lang; ?>" /> <label>Slika</label><input type="file" name="image"><?php echo "<img src=\"../images/"; echo $lang->image; echo "\">"; ?> <br> <label>Pozicija</label><input type="text" name="pozicija" value="<?php echo $lang->pozicija; ?>" size="2" /></p> <br> <input type="submit" name="submit_update" value="Unesi"> <?php } ?> </form> and code to start the function: if(isset($_POST['submit_update'])) { $language = new Jezik(); $language->update(); } What next??? Link to comment https://forums.phpfreaks.com/topic/231631-using-class-method/ Share on other sites More sharing options...
btherl Posted March 24, 2011 Share Posted March 24, 2011 Can you post the code for the sanitized_attributes() method please. The entire class may be needed, to see how data gets into the class. Link to comment https://forums.phpfreaks.com/topic/231631-using-class-method/#findComment-1191932 Share on other sites More sharing options...
Bravat Posted March 24, 2011 Author Share Posted March 24, 2011 This is the hole class: class Jezik { protected static $table_name=" language"; protected static $db_fields=array('id_lang', 'lang', 'image', 'pozicija'); public $id_lang; public $lang; public $image; public $pozicija; private $temp_path; protected $upload_dir="images"; public $errors=array(); protected $upload_errors = array( // http://www.php.net/manual/en/features.file-upload.errors.php UPLOAD_ERR_OK => "No errors.", UPLOAD_ERR_INI_SIZE => "Larger than upload_max_filesize.", UPLOAD_ERR_FORM_SIZE => "Larger than form MAX_FILE_SIZE.", UPLOAD_ERR_PARTIAL => "Partial upload.", UPLOAD_ERR_NO_FILE => "No file.", UPLOAD_ERR_NO_TMP_DIR => "No temporary directory.", UPLOAD_ERR_CANT_WRITE => "Can't write to disk.", UPLOAD_ERR_EXTENSION => "File upload stopped by extension." ); // Pass in $_FILE(['uploaded_file']) as an argument public function attach_file($file) { // Perform error checking on the form parameters if(!$file || empty($file) || !is_array($file)) { // error: nothing uploaded or wrong argument usage $this->errors[] = "No file was uploaded."; return false; } elseif($file['error'] != 0) { // error: report what PHP says went wrong $this->errors[] = $this->upload_errors[$file['error']]; return false; } else { // Set object attributes to the form parameters. $this->temp_path = $file['tmp_name']; $this->image = basename($file['name']); // Don't worry about saving anything to the database yet. return true; } } public function save() { // A new record won't have an id yet. if(isset($this->id)) { // Really just to update the caption $this->update(); } else { // Make sure there are no errors // Can't save if there are pre-existing errors if(!empty($this->errors)) { return false; } // Can't save without filename and temp location if(empty($this->image) || empty($this->temp_path)) { $this->errors[] = "The file location was not available."; return false; } // Determine the target_path $target_path = SITE_ROOT .DS.$this->upload_dir .DS. $this->image; // Attempt to move the file if(move_uploaded_file($this->temp_path, $target_path)) { // Success // Save a corresponding entry to the database if($this->create()) { // We are done with temp_path, the file isn't there anymore unset($this->temp_path); return true; } } else { // File was not moved. $this->errors[] = "The file upload failed, possibly due to incorrect permissions on the upload folder."; return false; } } } public function destroy() { // First remove the database entry if($this->delete()) { // then remove the file // Note that even though the database entry is gone, this object // is still around (which lets us use $this->image_path()). $target_path = SITE_ROOT.DS.$this->image_path(); return unlink($target_path) ? true : false; } else { // database delete failed return false; } } public function image_path() { return $this->upload_dir.DS.$this->filename; } public function size_as_text() { if($this->size < 1024) { return "{$this->size} bytes"; } elseif($this->size < 1048576) { $size_kb = round($this->size/1024); return "{$size_kb} KB"; } else { $size_mb = round($this->size/1048576, 1); return "{$size_mb} MB"; } } // Common Database Methods public static function find_all() { return self::find_by_sql("SELECT * FROM ".self::$table_name); } public static function find_by_id($id=0) { global $database; $result_array = self::find_by_sql("SELECT * FROM ".self::$table_name." WHERE product_id=".$database->escape_value($id)." LIMIT 1"); return !empty($result_array) ? array_shift($result_array) : false; } public static function find_by_sql($sql="") { global $database; $result_set = $database->query($sql); $object_array = array(); while ($row = $database->fetch_array($result_set)) { $object_array[] = self::instantiate($row); } return $object_array; } public static function count_all() { global $database; $sql = "SELECT COUNT(*) FROM ".self::$table_name; $result_set = $database->query($sql); $row = $database->fetch_array($result_set); return array_shift($row); } private static function instantiate($record) { // Could check that $record exists and is an array $object = new self; // Simple, long-form approach: // $object->id = $record['id']; // $object->username = $record['username']; // $object->password = $record['password']; // $object->first_name = $record['first_name']; // $object->last_name = $record['last_name']; // More dynamic, short-form approach: foreach($record as $attribute=>$value){ if($object->has_attribute($attribute)) { $object->$attribute = $value; } } return $object; } private function has_attribute($attribute) { // We don't care about the value, we just want to know if the key exists // Will return true or false return array_key_exists($attribute, $this->attributes()); } protected function attributes() { // return an array of attribute names and their values $attributes = array(); foreach(self::$db_fields as $field) { if(property_exists($this, $field)) { $attributes[$field] = $this->$field; } } return $attributes; } protected function sanitized_attributes() { global $database; $clean_attributes = array(); // sanitize the values before submitting // Note: does not alter the actual value of each attribute foreach($this->attributes() as $key => $value){ $clean_attributes[$key] = $database->escape_value($value); } return $clean_attributes; } // replaced with a custom save() // public function save() { // // A new record won't have an id yet. // return isset($this->id) ? $this->update() : $this->create(); // } public function create() { global $database; // Don't forget your SQL syntax and good habits: // - INSERT INTO table (key, key) VALUES ('value', 'value') // - single-quotes around all values // - escape all values to prevent SQL injection $attributes = $this->sanitized_attributes(); $sql = "INSERT INTO ".self::$table_name." ("; $sql .= join(", ", array_keys($attributes)); $sql .= ") VALUES ('"; $sql .= join("', '", array_values($attributes)); $sql .= "')"; if($database->query($sql)) { $this->product_id = $database->insert_id(); return true; } else { return false; } } public function update() { global $database; // Don't forget your SQL syntax and good habits: // - UPDATE table SET key='value', key='value' WHERE condition // - single-quotes around all values // - escape all values to prevent SQL injection $attributes = $this->sanitized_attributes(); $attribute_pairs = array(); foreach($attributes as $key => $value) { $attribute_pairs[] = "{$key}='{$value}'"; } $sql = "UPDATE ".self::$table_name." SET "; $sql .= join(", ", $attribute_pairs); $sql .= " WHERE id=". $database->escape_value($this->id); $database->query($sql); return ($database->affected_rows() == 1) ? true : false; } public function delete() { global $database; // Don't forget your SQL syntax and good habits: // - DELETE FROM table WHERE condition LIMIT 1 // - escape all values to prevent SQL injection // - use LIMIT 1 $sql = "DELETE FROM ".self::$table_name; $sql .= " WHERE id=". $database->escape_value($this->id); $sql .= " LIMIT 1"; $database->query($sql); return ($database->affected_rows() == 1) ? true : false; // NB: After deleting, the instance of User still // exists, even though the database entry does not. // This can be useful, as in: // echo $user->first_name . " was deleted"; // but, for example, we can't call $user->update() // after calling $user->delete(). } } ?> Link to comment https://forums.phpfreaks.com/topic/231631-using-class-method/#findComment-1191935 Share on other sites More sharing options...
btherl Posted March 24, 2011 Share Posted March 24, 2011 update() calls sanitized_attributes() which uses $this->attributes(), which reads properties for each database field. So you would use it like this: $language->id_lang = ... ; $language->lang = ... ; $language->image = ... ; $language->pozicija = ... ; $language->update(); OR, you would use another class method to initialize those values, then change some of them, and then call update() to save the changes. Link to comment https://forums.phpfreaks.com/topic/231631-using-class-method/#findComment-1191938 Share on other sites More sharing options...
Bravat Posted March 24, 2011 Author Share Posted March 24, 2011 This helps a lot . Thank you. Link to comment https://forums.phpfreaks.com/topic/231631-using-class-method/#findComment-1191939 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.