Avatar of curiouswebster
Flag for United States of America

asked on 

PHP: fixing the weak points of this small SQLite source file

I am new to PHP and have created a working file which reads from the URL and insert a row into the SQLite contacts table. But, I need to make it handle names, like "O'Reilly". How?

And I need to harden up other weak points you may find.

My longer term plan it to quickly learn PDO, but, I need to know what parts can fail, and if there is a simple fix for each. Also, I do not log errors. What is the most fault tolerant way? Appending to an Error.Log text file?

The good news about error logging is that this URL will be embedded in a QR code, and will execute before it can be edited by the user. And, if they edit it, it will fail. Fine.



header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); 
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");

$variables = '';
foreach ($_GET as $key => $myGetvar) {
    $key = ucfirst($key);
    $variables .= "'$myGetvar'," ;

$valuesStr = $variables;
$now .= date("Y-m-d h:i:s");
$temp = array($now, $now);
$datefields = "'" . implode ( "', '", $temp ) . "'";
$valuesStr .= $datefields;

class MyDB extends SQLite3 {
   function __construct() {

 $db = new MyDB();
 if(!$db) {
    echo $db->lastErrorMsg();
 } else {
    echo "<br>Opened database successfully<br>";

 $sql =<<<EOF
INSERT INTO contacts ( fname, lname, street, city, state, zip, title, company, voterid, create_date, update_date ) VALUES
( $valuesStr );
//echo $sql;

$ret = $db->exec($sql);
 echo $db->lastErrorMsg();
} else {
 echo "contacts Table populated successfully<br>";


Open in new window

Web DevelopmentPHPWeb Languages and StandardsWeb BrowsersWordPress

Avatar of undefined
Last Comment
Chris Stanyon

8/22/2022 - Mon