I’m trying to do something like this so I don’t have to type out

Question

0

Asked: May 18, 20262026-05-18T09:27:58+00:00 2026-05-18T09:27:58+00:00

I’m trying to do something like this so I don’t have to type out

0

I’m trying to do something like this so I don’t have to type out all of my post entries. I can’t seems to get this to work though.

edit: added some changes.

foreach($_POST as $key => $value) 
{
    $key = "'".mysql_real_escape_string($key)."'";  
    $value = "'".mysql_real_escape_string($value)."'";
    $qstring = "UPDATE load_test SET ".$key."=".$value." WHERE Id = '".$_POST['id']."'";  
        mysql_query($qstring);
}

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-18T09:27:59+00:00

foreach($_POST as $k=>$v){
        @$select.=" `".mysql_real_escape_string($k)."` = '".mysql_real_escape_string($v)."',";
}
$select = rtrim($select,',');
$select = "UPDATE load_test SET".$select." WHERE id=".$_POST['id'];
mysql_query($select) or die(mysql_error());;

try this is alot faster then the previous one you want need to do more then 1 query
and other then that i think it’s safe enough to escape the key since trying updating a column that doesn’t exist doesn’t get you anywhere, and trying to make an injection escaping will protect you from that, you should though make sure the id is numeric

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m trying to do something like this so I don’t have to type out

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply