Solved

Backbase and MySQL

Posted on 2008-06-22
2
425 Views
Last Modified: 2010-10-05
I have the instructions on how to pull XML out of a MySQL query:
http://bdn.backbase.com/blog/sjoerd/dynamic-data-in-the-pim-demo-using-php-and-mysql

However,
How do I write the changes back up into MySQL?  My Webpages are in PHP.
Thanks
0
Comment
Question by:Evan Cutler
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 1

Accepted Solution

by:
binarydesignnz earned 500 total points
ID: 21842347
For a start, you should modify the initial query for getting the data, as it is currently vulnerable to SQL injection.  A simple addslashes command will fix this.
I would recommend changing the line:
    $section = $_GET['section'];
with:
    $section = addslashes($_GET['section']);

This will add a leading backslash to any escape characters.

For updating the database, I am assuming you are using a HTTP POST or GET from your Ajax code,  Here is a solution using POST:
<?
 
 
$dbName = "";			//insert db name here
$dbUser = ""; 			//insert db Username here
$dbPass = ""; 			//insert db Password here
$dbHost = "localhost";  //insert db Host here
$dbTable = "";  		//insert db Table name here
 
 
$updString = "";
$seperator = ", ";
$index = 1;
 
$data = $_POST;			//$_POST or $_GET
 
foreach($data as $name => $value) {
 
	if ($name && $value){
		
		$updString .= "`".addslashes($name)."` = \'".addslashes($value)."\'";  //protect the input parameters
		
		if ($index < sizeof($data)){
			$updString .= $seperator; //add the delimater if there is another parameter
		}
		$index++;
	
	}
 
}
 
 
if(($db = mysql_connect($dbHost, $dbUser, $dbPass)) && sizeof($data) ){
	if(mysql_select_db($dbName, $db) ){
 
		mysql_query("UPDATE `".$dbName."`.`".$dbTable."` SET ".$updString." WHERE `".$dbTable."`.`id` = ".(int)($data['id'])." LIMIT 1;", $db );
		print "success";
		
	}
}else{
	print "fail";
}
 
?>

Open in new window

0
 
LVL 9

Author Closing Comment

by:Evan Cutler
ID: 31469546
thanks
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
This video teaches viewers how to create their own website using cPanel and Wordpress. Tutorial walks users through how to set up their own domain name from tools like Domain Registrar, Hosting Account, and Wordpress. More specifically, the order in…
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to choose which pages of your form are visible to your users based on their inputs. The page rules feature provides you with an opportunity to create if:then statements for y…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question