Grow your CSS skills. Land your dream job.

function in php

  • # January 19, 2013 at 7:56 pm

    sorry if my english language not good, because i am an indonesian,…

    can you help me?

    can we make function in php for save data to database, but the function can use for all table in database,….

    help me please,….

    __
    # January 19, 2013 at 8:09 pm

    What kind of database? What kind of data?

    A *single* function to handle *all* tables is not a good approach.

    # January 19, 2013 at 8:46 pm

    i make database for article and news,…

    i heard in function, including array on it

    __
    # January 19, 2013 at 9:14 pm

    > What kind of database?

    …how are you getting the data, and what format is it in?

    …is your database already made? how is it structured?

    …how will the function be used (accepting input from visitors? simple data entry? an automated script? other)?

    # January 19, 2013 at 9:21 pm

    yes, my database already made,…

    fields
    id(int)
    title(varchar)
    content(text)

    but i want to make function posible to insert data for all table…

    __
    # January 19, 2013 at 11:12 pm

    > *What kind of database?*

    I can see from your description of the structure that it’s an SQL database of some sort. But is it MySQL? MS SQL? Oracle? Please answer this question.

    > how are you getting the data, and what format is it in?

    This makes a big difference as well:

    **Validation**: has the information already been processed (i.e., do you *know* that it is in the proper format to be stored in the DB)?

    **Sanitization**: has the information been properly sanitized, so it won’t create errors or security vulnerabilities when you try to store it (especially important if it came from a user)?

    **Format**: how is the incoming data stored? Is it in an array? an object? a selection of loose variables? POST’d to your script?

    Have you already created the SQL code that you need?

    # January 20, 2013 at 2:37 am

    thats MySql
    i use XAMPP , i use XAMPP 1.7.7

    yes i have already created the SQL code,…

    __
    # January 20, 2013 at 1:01 pm

    You still haven’t answered how you’re receiving the data and what condition it is in when it gets to your function. All of the things I am asking are important and relevant to your question. Please post the SQL statement you’re using as well.

    # January 20, 2013 at 11:48 pm

    i don’t know how to answer, i’m very sorry,…

    to insert data:
    include(‘conection.php’);
    $title=$_POST;
    $title=$_POST;
    $save = insert into article values(”,’$title’,’$content’);
    mysql_query($save)or die(mysql_error());

    so i will make function be like this
    save(‘table_name’,’$title#$content’);

    i think it will make my work easier…
    but can’t make the function

    __
    # January 21, 2013 at 1:40 am

    okay, let’s try this:

    first, don’t use the `mysql_*()` functions. [They are deprecated and not recommended for new code](http://php.net/mysqlinfo.api.choosing).

    I prefer the [mysql**i** extension](http://php.net/mysqli) – it is object-oriented, but also has a procedural api that is very similar to the mysql_*() functions if that’s what you prefer.

    < ?php
    function insertArticle( $DB,$title,$content ){
    // check the database handle
    if( !($DB instanceof mysqli) ){
    // $DB is not a database connection!
    // abort
    return false;
    }
    // this will hold your SQL statement:
    static $query;
    // “static” means it will be “remembered” between calls,
    // so it only needs to be set up once.
    if( !($query instanceof mysqli_stmt) ){
    // not set up yet.
    // here’s your statement:
    $SQL = “INSERT INTO `article`
    ( `title`,`content` )
    VALUES( ?,? )”;
    // assign the prepared statement to $query
    $query = $DB->prepare( $SQL );
    // bind $title and $content to the ? markers in the query
    $query->bind_param( ‘ss’,$title,$content );
    // ready to go.
    }
    // execute the query,
    // using current values in $title and $content.
    $query->execute();
    // check if query was successful or not
    if( $query->affected_rows === 1 ){
    // perfect!
    return true;
    }
    // no good.
    return false;
    }

    This assumes your `id` column is an AUTO_INCREMENT key. You’ll get an SQL error if not; let me know if that is the case.

    Here’s how you might use your function:

    < ?php
    // set up mysqli DB connection
    $DB = new mysqli( ‘DBhost’,’username’,’password’,’DatabaseName’ );
    // check connection
    if( mysqli_connect_error() ){
    print “couldn’t connect to the database.”;
    }

    // later, get the info you want to insert
    $title = $_POST;
    $content = $_POST;
    // you’ll probably want to make sure the info is valid.
    // but you don’t need to worry about sanitization:
    // the prepared statement will take care of that.

    // now, call the function:
    $result = insertArticle( $DB,$title,$content );

    // and check if it was successful or not:
    print $result?
    “data inserted successfully!”:
    “data insertion failed.”;

    That’s it.

    # January 21, 2013 at 2:29 am

    but, is that possible insert insert data to another table in the same database?

    # January 21, 2013 at 8:43 am

    No – the function as set up allows you to insert to the table ‘article’. You could broaden the function by accepting tablename as an additional argument. But you would have to change how the sql query is set up as well as ensure the fieldnames are coded correctly.

    I agree with Traq’s original comment -

    > A single function to handle all tables is not a good approach.

    __
    # January 21, 2013 at 4:18 pm

    Note that simply adding an argument for the table name wouldn’t work anyway – not without making the code a lot more complex/ less secure, that is.

    You can’t parameterize table names in a prepared statement.

    If you switch to individual queries, you’ll have to handle sanitization yourself (less reliable), and it will still only work if the two tables had the same columns (and if that’s the case, why are they *different* tables?).

    What you need to consider is that storing information is not a “generic” task – using a database is less like throwing papers in a file folder and more like filling out a form. You can’t just send the info to the DB randomly and expect it to be stored properly.

    If you do manage to write a single function to handle “any” table, it’s going to be large, convoluted, inefficient, and buggy.

    # January 21, 2013 at 6:11 pm

    yes, i got it,….

    thank you very much,… ^_^

Viewing 14 posts - 1 through 14 (of 14 total)

You must be logged in to reply to this topic.

*May or may not contain any actual "CSS" or "Tricks".