|
You may want to post this over on WEB400 as there are more PHP folks
there...
My .02...
This type of generic statement generator/processor is a bad idea. If not
outright dangerous since it appears subject to SQL Injection attacks.
Regardless of what language is used or what RDBMS is involved.
Charles
On Wed, Jan 20, 2016 at 12:41 AM, Rob <rob.couch@xxxxxxxxxxxxxx> wrote:
I know what values are going into the fields... my MakeSets and
MakeInsert functions have not a clue, so not matter what , all values are
inside single quotes....
I have already validated the data... it all sets in an associative
array. I then send the array to one of my functions and turn it into:
$sfields = '"Field1", "Field2", "Field3"' ;
$sValues = "'Value1', 'Value2', 'Value3'" ;
To be used like: 'INSERT INTO TABLE ( ' . $sFields . ' ) VALUES ( ' .
$sValues . ' ) ;' ;
OR
$sSets = '"Field1" = \'1\', "Field2" = \'String\', "Field3" = \'41576\'' ;
To Be Used Like: 'UPDATE TABLE SET ' . $sSets . ' WHERE ID = 10 ;' ;
My functions are in my previous message....
On 01/19/2016 04:46 PM, John Yeung wrote:
On Tue, Jan 19, 2016 at 12:26 PM, Rob <rob.couch@xxxxxxxxxxxxxx> wrote:
But in my functions I do not test or other wise know that theThen no doubt DB2 is attempting to coerce the values it receives into
value of a
name => value pair in an associative array is necessarily numeric. As I
said so far, DB2 seems to know that the string I am inserting is a
number
and stores it correctly. So in my testing and what I have read, I have
not
been very concerned.
the appropriate type for storage in the table, and if it succeeds,
then it quietly continues processing.
What I'm a little confused about actually is that you don't know the
types of the values. You said you're using PHP, which is among the
most weakly typed languages out there; but nevertheless, it has
type-testing functions (like gettype(), is_numeric(), and so forth).
If you care about the types, why can't you just use those functions in
your code?
John Y.
--
Your Out-Source IT Department,
Rob Couch
IT Serenity
214 682 7638
Skype: itserenity
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxx for any subscription related
questions.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.