|
Posted by Steve on 11/09/06 16:57
"kenoli" <kenoli@igc.org> wrote in message
news:1163089921.908504.296570@b28g2000cwb.googlegroups.com...
| Thanks. Please take no offense about the bickering remark; It was more
| of an appreciation of the energy that gets put into these posts.
|
| So, suppose I wanted to derive something like:
|
| WHERE $key1=$value1 AND $key2=$value2 . . .
|
| from my $_POST?
|
| How would I construct that? I presume I can make the form names the
| same as the database columns so a $key = $value will result in the
| proper sql statement.
|
| And how could I separate out the arrays (like checkboxes) from the
| other form input values so I can render them differently?
no offense taken...and i tried to make my response to it playful.
the form names, i assume, are not form names but more the names you give to
your input tags...right? anyway, i'd recommend against doing that. it
provides a good oportunity to hack your system. but, to answer the
question...
<?
$processData = isset($_POST['processData'] ? true : false;
$table = $_POST['tableName'];
if (!processData)
{
?>
<form method="post">
<input name="dbField1" type="text" value="hello">
<input name="dbField2" type="text" value="world">
<input name="tableName" type="hidden" value="someTable">
<input name="processData" type="submit" value="Try It Out...">
</form>
<?
exit;
}
unset($_POST['processData']);
unset($_POST['tableName']);
$columns = array_keys($_POST);
$values = array_values($_POST);
$sql = "
INSERT INTO " . $table . "
(
" . implode(",\n ", $columns) . "
)
VALUES
(
'" . implode("',\n '", $columns) . "'
)
";
print "<pre>\n" . $sql . "</pre>\n";
?>
there is no validation going on here including discovering whether an
insert, update, or delete is being perfomed...but this is the basic answer
to your question. if you'd like a full example of how i do data entry, i can
post that here too. i would stay away from marrying your html with your php
so tightly, as you are indicating.
hth,
me
[Back to original message]
|