Jump to content

Recommended Posts

Have I created this function properly?  I am getting a mysql error.

 

function update_personal_info($username, $firstname, $lastname, $dateofbirth, $city, $state, $country, $personalweb, $credentials, $specialties, $email, $mail_status, $capitalavailable = null, $phonenumber)
{
$firstname			= mres(htmlentities(strip_tags($firstname)));
$lastname			= mres(htmlentities(strip_tags($lastname)));
$dateofbirth		= mres(htmlentities(strip_tags($dateofbirth)));
$city				= mres(htmlentities(strip_tags($city)));
$state				= (!empty($state)) ? (int)$state : null;
$country			= (int)$country;
$personalweb		= mres(htmlentities(strip_tags($personalweb)));
$credentials		= mres(htmlentities(strip_tags($credentials)));
$specialties		= mres(htmlentities(strip_tags($specialties)));
$email				= mres(htmlentities(strip_tags($email)));
$mail_status		= (int)$mail_status;
$phonenumber		= mres(htmlentities(strip_tags($phonenumber)));
$capitalavailable	= (int)$capitalavailable;

	$sql = "UPDATE `users` SET
				`firstname` 	= '{$firstname}',
				`lastname`		= '{$lastname}',
				`city` 			= '{$city}',
				`state` 		= '{$state}',
				`country` 		= '{$country}',
				`email`			= '{$email}',
				`phonenumber` 	= '{$phonenumber}',
				`personalweb` 	= '{$personalweb}',
				`credentials` 	= '{$credentials}',
				`specialties` 	= '{$specialties}',
				`mail_status` 	= '{$mail_status}'
			WHERE `username` 	= '${username}'";

    if ($capitalavailable != null)
{
	$uid = $GLOBALS['user_info']['uid'];

	$sql .= "UPDATE `investor_info` SET
				`capital_available`	= '{$capitalavailable}'
			WHERE `uid` = '${uid}'";
}

return mysql_query($sql) or die(mysql_error());
}

Link to comment
https://forums.phpfreaks.com/topic/240742-function-syntax-wrong-mysql-error/
Share on other sites

What's stopping you from simply running two queries?

 

Is running two queries msot efficient?

 

No, it's less efficient, but unless you're pulling a lot of data, you probably don't need to worry about it too much.  And, again, I provided you the information you need to combine queries in my post above, anyway, in case you discover that two queries create too much of a bottleneck for your system.

Nightslyr - Updates that hit multiple tables without a WHERE clause? SCARY!!!

 

Just perform this in two queries. You COULD do it in one, but you'd have to be VERY careful with your logic. The slight overhead to do this is two queries is worth it, unless you need absolute efficiency.

Other than the query issues, code like that makes baby Jesus cry. I suggest discovering arrays.

 

Are you suggesting I put my parameters in an array?  I love to learn so please explain.

 

Yes, that is what he is saying.

 

On to another note, you should code functions so they are usable in a variety of situations.  When you code a function so that it can only be used in one place of your code, it defeats the purpose of building a function.  You could (and should) just write it out in the script.  But, you can change this function (using arrays) so that you could run ANY update query through it, and make it work.  Since you are having to type out the values anyway, just put them in a associative array, and let the function do the rest of the work.

 

Example:

function update(string $table, array $data, array $where) {
	foreach($data as $key => $value) { //go through the $data array.
		$info[] = $key . ' = \'' . mysql_real_escape_string(strip_tags($value)) . '\''; //build the column = value for each of the array members.
	}
	foreach($where as $key => $value) { //now go through the where array.
		$find[] = $key . ' = \'' . mysql_real_escape_string($value) . '\'';  //building these columns like those above.
	}

$sql = "UPDATE $table SET " . implode(', ',$info) . ' WHERE ' . implode(' AND ',$find); //build our query, turning the new info array into a comma separated string, and our where array into a string separated by AND.
if(mysql_query($sql)) { //if the query executes.
	return mysql_affected_rows(); //return the affected rows.
}
return false;	//if it doesn't return false.
}

//set the fields and the values inside an array.
$arr['firstname'] = $firstname;
$arr['lastname'] = $lastname;
$arr['dateofbirth'] = $dateofbirth;
$arr['city'] = $city;
$arr['state'] = $state;
$arr['country'] = $country;
$arr['personalweb'] = $personalweb;
//etc.
//now set you where clause in an array.
$find['username'] = $username;
//now pass all this info to the function, with the table name;
update('users',$arr,$find);

if(!empty($capitalavailable)) {
$arr['capital_available'] = $capitalavailable;
$find['uid'] = $GLOBALS['user_info']['uid'];
//update the investor info table,
update('investor_info',$arr,$find);
}


//Now this function is NOT dependent on this specific use.  As we can now pass any table, and any columns to it.
$arr['make'] = 'Ford';
$arr['model'] = 'F250';
$arr['price'] = 49,999;
$find['city'] = 'Memphis';
$find['state'] = 'Tenn';
update('cars',$arr,$find);

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.