Solved

Backbase and MySQL

Posted on 2008-06-22
2
416 Views
Last Modified: 2010-10-05
I have the instructions on how to pull XML out of a MySQL query:
http://bdn.backbase.com/blog/sjoerd/dynamic-data-in-the-pim-demo-using-php-and-mysql

However,
How do I write the changes back up into MySQL?  My Webpages are in PHP.
Thanks
0
Comment
Question by:Evan Cutler
2 Comments
 
LVL 1

Accepted Solution

by:
binarydesignnz earned 500 total points
ID: 21842347
For a start, you should modify the initial query for getting the data, as it is currently vulnerable to SQL injection.  A simple addslashes command will fix this.
I would recommend changing the line:
    $section = $_GET['section'];
with:
    $section = addslashes($_GET['section']);

This will add a leading backslash to any escape characters.

For updating the database, I am assuming you are using a HTTP POST or GET from your Ajax code,  Here is a solution using POST:
<?
 
 

$dbName = "";			//insert db name here

$dbUser = ""; 			//insert db Username here

$dbPass = ""; 			//insert db Password here

$dbHost = "localhost";  //insert db Host here

$dbTable = "";  		//insert db Table name here
 
 

$updString = "";

$seperator = ", ";

$index = 1;
 

$data = $_POST;			//$_POST or $_GET
 

foreach($data as $name => $value) {
 

	if ($name && $value){

		

		$updString .= "`".addslashes($name)."` = \'".addslashes($value)."\'";  //protect the input parameters

		

		if ($index < sizeof($data)){

			$updString .= $seperator; //add the delimater if there is another parameter

		}

		$index++;

	

	}
 

}
 
 

if(($db = mysql_connect($dbHost, $dbUser, $dbPass)) && sizeof($data) ){

	if(mysql_select_db($dbName, $db) ){
 

		mysql_query("UPDATE `".$dbName."`.`".$dbTable."` SET ".$updString." WHERE `".$dbTable."`.`id` = ".(int)($data['id'])." LIMIT 1;", $db );

		print "success";

		

	}

}else{

	print "fail";

}
 

?>

Open in new window

0
 
LVL 9

Author Closing Comment

by:Evan Cutler
ID: 31469546
thanks
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
mySql Syntax 7 44
html input clean up 3 47
unable to set breakpoints in chrome source tab 1 30
I am Updating mysql where id =something ...Not working  Jquery/PHP 4 37
New Relic: Our company recently started researching several products to figure out what were the best ways for us to increase our web page speed and to quickly identify performance problems that we may be having. One of the products we evaluated wa…
Does the idea of dealing with bits scare or confuse you? Does it seem like a waste of time in an age where we all have terabytes of storage? If so, you're missing out on one of the core tools in every professional programmer's toolbox. Learn how to …
Wufoo.com provides powerful tools for surveying targeted groups, and utilizing data from completed surveys to find trends, discover areas of demand or customer expectation, and make business decisions on products or services.
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to selectively show certain fields based on user input using rules to gather relevant information and data from your forms. The rules feature provides you with an opportunity…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now