Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Backbase and MySQL

Posted on 2008-06-22
2
Medium Priority
?
431 Views
Last Modified: 2010-10-05
I have the instructions on how to pull XML out of a MySQL query:
http://bdn.backbase.com/blog/sjoerd/dynamic-data-in-the-pim-demo-using-php-and-mysql

However,
How do I write the changes back up into MySQL?  My Webpages are in PHP.
Thanks
0
Comment
Question by:Evan Cutler
2 Comments
 
LVL 1

Accepted Solution

by:
binarydesignnz earned 2000 total points
ID: 21842347
For a start, you should modify the initial query for getting the data, as it is currently vulnerable to SQL injection.  A simple addslashes command will fix this.
I would recommend changing the line:
    $section = $_GET['section'];
with:
    $section = addslashes($_GET['section']);

This will add a leading backslash to any escape characters.

For updating the database, I am assuming you are using a HTTP POST or GET from your Ajax code,  Here is a solution using POST:
<?
 
 
$dbName = "";			//insert db name here
$dbUser = ""; 			//insert db Username here
$dbPass = ""; 			//insert db Password here
$dbHost = "localhost";  //insert db Host here
$dbTable = "";  		//insert db Table name here
 
 
$updString = "";
$seperator = ", ";
$index = 1;
 
$data = $_POST;			//$_POST or $_GET
 
foreach($data as $name => $value) {
 
	if ($name && $value){
		
		$updString .= "`".addslashes($name)."` = \'".addslashes($value)."\'";  //protect the input parameters
		
		if ($index < sizeof($data)){
			$updString .= $seperator; //add the delimater if there is another parameter
		}
		$index++;
	
	}
 
}
 
 
if(($db = mysql_connect($dbHost, $dbUser, $dbPass)) && sizeof($data) ){
	if(mysql_select_db($dbName, $db) ){
 
		mysql_query("UPDATE `".$dbName."`.`".$dbTable."` SET ".$updString." WHERE `".$dbTable."`.`id` = ".(int)($data['id'])." LIMIT 1;", $db );
		print "success";
		
	}
}else{
	print "fail";
}
 
?>

Open in new window

0
 
LVL 9

Author Closing Comment

by:Evan Cutler
ID: 31469546
thanks
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This post looks at MongoDB and MySQL, and covers high-level MongoDB strengths, weaknesses, features, and uses from the perspective of an SQL user.
In this blog post, we’ll look at how ClickHouse performs in a general analytical workload using the star schema benchmark test.
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to selectively show certain fields based on user input using rules to gather relevant information and data from your forms. The rules feature provides you with an opportunity…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses
Course of the Month10 days, 8 hours left to enroll

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question