Home/ Questions/Q 6857219
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T01:59:19+00:00

I’m trying to do this: class database { function editProvider($post) { $sql = UPDATE

  • 0

I’m trying to do this: 

class database {    
function editProvider($post)
{   
    $sql = "UPDATE tbl SET ";
        foreach($post as $key => $val):
            if($key != "providerId")
            {
                $val = formValidate($val);
                $sqlE[] = "`$key`='$val'"; 
            }
        endforeach;

    $sqlE = implode(",", $sqlE);

    $where = ' WHERE `id` = \''.$post['id'].'\'';
    $sql = $sql . $sqlE . $where;

    $query = mysql_query($sql);

    if($query){
        return true;
    }
}
//
}//end class

And then use this function * INSIDE of another class *: 

function formValidate($string){
  $string = trim($string);
  $string = mysql_real_escape_string($string);
  return $string;
}
//

.. on $val. Why doesn’t this work? if I write in a field of the form, it’s not escaping anything at all. How can that be?

* UPDATE *
handler.php:

if(isset($_GET['do'])){

if($_GET['do'] == "addLogin")
{
    $addLogin = $db->addLogin($_POST);
}

if($_GET['do'] == "addProvider")
{
    $addProvider = $db->addProvider($_POST);
}

if($_GET['do'] == "editProfile")
{
    $editProfile = $db->editProfile($_POST);
}

if($_GET['do'] == "editProvider")
{
    $editProvider = $db->editProvider($_POST);
}
}
//end if isset get do

** The editProvider function works fine except for this 🙂 **

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Not sure why you are so bent on using $this vs a static implementation. IMO, a static call makes this code much easier. If you really want access to $this->formValidatString() from your database class, you will have to do class database extends MyOtherClass.

    Here is how easy it would be to do a static call:

    class database {

    public function editProvider($post)
    {   
        $sql = "UPDATE tbl SET ";
        foreach($post as $key => $val):
            if($key != "providerId")
            {
                $val = MyOtherClass::formValidate($val);
                $sqlE[] = "`$key`='$val'"; 
            }
        endforeach;

        $sqlE = implode(",", $sqlE);

        $where = ' WHERE `id` = \''.$post['id'].'\'';
        $sql = $sql . $sqlE . $where;

        $query = mysql_query($sql);

        if($query){
            return true;
        }
    }        
}//end class

class MyOtherClass
{
    public static function formValidate($string) {

        if (strlen($string) < 1) {
            throw new Exception('Invalid $string ' . $string . ');
        }

        $string = trim($string);
        $string = mysql_real_escape_string($string);

        return $string;
    }
}
    • 0