Thread: update mysql without manually tying SET statements
View Single Post
  #2 (permalink)  
Old 05-16-2012, 02:23 PM
Shake
Guest
  
Posts: n/a
Default Re: update mysql without manually tying SET statements
El 16/05/2012 16:12, apavluck@gmail.com escribió:
> I am trying to setup some generic code that will allow me to update a mysql database via form and php. I can capture the data in the row of the database that I want to update. I can present that in a form populated with the existing values. What I can't figure out how to do is to avoid typing out the SET statements in the update query.
> [...]
> The reason I want to do this is because I manage many projects all with their own variables and databases and the update is the only part that I have to type in manually.

Withouth entering in details, security and best practices...

$sqlString = ' UPDATE blablalba SET ';
foreach($_POST as $key => $value)
{
$sqlString .= " `$key` = '$value', ";
}

// You have to deal here a little with the last comma

It's possible not all data in $_POST are fields of the database. You
could manage prefixing the indexes or other ways...

foreach($_POST as $key => $value)
{
if(!preg_match('/^my_prefix.+/',$key)) continue;
$sqlString .= " `$key` = '$value', ";
}

That's some basic ideas, but be carefull, because there are important
things to take in care when using this metodologies. Using POST data to
build SQL strings "automagically" implies taking care of sqlInjection
and thiese kind of things.

Greetings
Reply With Quote