0

I'm having trouble understanding the documentation for the UPDATE command of MYSQL. I am viewing records in a PHP page from the database and I want to edit them.

To INSERT I have this code which is an array. I want to know if I can do the same with the UPDATE statement, to save me lots of this=$this 's.

Insert 

 mysql_query("INSERT INTO $tbl_name(title, pbDate, summary, blog) VALUES('$title', 'pbDate', '$summary', '$blog')")or die(mysql_error());

Update

mysql_query("UPDATE $tbl_name SET title='$title', pbDate='$pbDate' summary='$summary' blog='$blog' WHERE id='$id'")

I thinking something like this, but I'm not sure and can't find anything in the manual.

mysql_query("UPDATE $tbl_name SET (title, pbDate, summary, blog) VALUES('$title', 'pbDate', '$summary', '$blog') WHERE id='$id'")
Adam Brown
  • 2,812
  • 4
  • 28
  • 39
  • 2
    No. It's not in the documentation, so it probably won't be supported. :-) Also, try to avoid mysql_* functions in your code. From PHP 5.5+ they'll be deprecated. – Marty McVry Apr 06 '13 at 21:53
  • 2
    [Please, don't use `mysql_*` functions](http://stackoverflow.com/q/12859942/1190388) in new code. They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). See the red box? Learn about prepared statements instead, and use [tag:PDO] or [tag:MySQLi]. – hjpotter92 Apr 06 '13 at 21:54
  • wait, I can't use mysql_real_escape_string?? Nooooo this is gonna suck – Adam Brown Apr 06 '13 at 21:55
  • @AdamBrown Please read http://stackoverflow.com/tags/pdo/info – hjpotter92 Apr 06 '13 at 21:57
  • @AdamBrown With PDO you won't need it, and with `mysqli_*` you'll have a relnacement, called `mysqli_real_escape_string()`. – glglgl Apr 06 '13 at 22:21

1 Answers1

0

You could use an array ...

Working phpFiddle:

http://phpfiddle.org/main/code/pi9-ckh

<?php
$array = array(
    "column" => "some_value",
    "title" => "some_title",
);

$setString = '';
foreach($array as $key => $value){
    $tempArray[] = $key . ' = ' . "\"" . $value . "\""; 
}

$setString = implode(",", $tempArray);

echo $setString;
?>
What have you tried
  • 11,018
  • 4
  • 31
  • 45
  • You'll have to quote and escape that `$value`. And add a table name in the query. And add commas. – Rudie Apr 06 '13 at 21:57
  • You could create a second array and then implode that to add the commas. More readable and probably faster. You also need to use a db function to escape the value. – Rudie Apr 06 '13 at 22:02
  • And your phpfiddle doesn't go to a fiddle. – Rudie Apr 06 '13 at 22:04
  • @Rudie I don't see a need for escaping the value as the user should move to prepared statements anyways. However, I do agree with the implode idea – What have you tried Apr 06 '13 at 22:04