Jump to content

Using class method

Bravat

By Bravat
in PHP Coding Help

 Share

Recommended Posts

Bravat Member

Bravat

Posted
Posted

I found class on the net, and i am having a bit of a problem to understand how does update method works. Here is the code:

public function update() {
  global $database;
	// Don't forget your SQL syntax and good habits:
	// - UPDATE table SET key='value', key='value' WHERE condition
	// - single-quotes around all values
	// - escape all values to prevent SQL injection
	$attributes = $this->sanitized_attributes();
	$attribute_pairs = array();
	foreach($attributes as $key => $value) {
	  $attribute_pairs[] = "{$key}='{$value}'";
	}
	$sql = "UPDATE ".self::$table_name." SET ";
	$sql .= join(", ", $attribute_pairs);
	$sql .= " WHERE id=". $database->escape_value($this->id);
  $database->query($sql);
  return ($database->affected_rows() == 1) ? true : false;
}

 

I have form like this to deal with update:

<form action="index.php?page=languages" enctype="multipart/form-data" method="POST">
    <?php foreach($language as $lang){ ?>
    	<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>" />
    <label>Jezik</label><input type="text" size="50" name="language" value="<?php 	echo $lang->lang; ?>" /><br>
    <input type="hidden" name="id_lang" value="<?php echo $lang->id_lang; ?>"  />
<label>Slika</label><input type="file" name="image"><?php 
echo "<img src=\"../images/";
		echo $lang->image;
		echo "\">";
?> <br>
    <label>Pozicija</label><input type="text" name="pozicija" value="<?php echo $lang->pozicija; ?>" size="2" /></p> <br>
<input type="submit" name="submit_update" value="Unesi"> 
    <?php } ?>  
    </form>

and code to start the function:

if(isset($_POST['submit_update'])) {
	$language = new Jezik();
	$language->update();		
}

What next??? :confused:

Link to comment
Share on other sites
Bravat Member

Bravat

Posted
  • Author
Posted

This is the hole class:

class Jezik {

protected static $table_name=" language";
protected static $db_fields=array('id_lang', 'lang',  'image', 'pozicija');
public $id_lang;
public $lang;
public $image;
public $pozicija;

private $temp_path;
  protected $upload_dir="images";
  public $errors=array();
  
	  protected $upload_errors = array(
	// http://www.php.net/manual/en/features.file-upload.errors.php
	UPLOAD_ERR_OK 				=> "No errors.",
	UPLOAD_ERR_INI_SIZE  	=> "Larger than upload_max_filesize.",
  UPLOAD_ERR_FORM_SIZE 	=> "Larger than form MAX_FILE_SIZE.",
  UPLOAD_ERR_PARTIAL 		=> "Partial upload.",
  UPLOAD_ERR_NO_FILE 		=> "No file.",
  UPLOAD_ERR_NO_TMP_DIR => "No temporary directory.",
  UPLOAD_ERR_CANT_WRITE => "Can't write to disk.",
  UPLOAD_ERR_EXTENSION 	=> "File upload stopped by extension."
);

// Pass in $_FILE(['uploaded_file']) as an argument
  public function attach_file($file) {
	// Perform error checking on the form parameters
	if(!$file || empty($file) || !is_array($file)) {
	  // error: nothing uploaded or wrong argument usage
	  $this->errors[] = "No file was uploaded.";
	  return false;
	} elseif($file['error'] != 0) {
	  // error: report what PHP says went wrong
	  $this->errors[] = $this->upload_errors[$file['error']];
	  return false;
	} else {
		// Set object attributes to the form parameters.
	  $this->temp_path  = $file['tmp_name'];
	  $this->image   = basename($file['name']);
		// Don't worry about saving anything to the database yet.
		return true;

	}
}
  	public function save() {
	// A new record won't have an id yet.
	if(isset($this->id)) {
		// Really just to update the caption
		$this->update();
	} else {
		// Make sure there are no errors

		// Can't save if there are pre-existing errors
	  if(!empty($this->errors)) { return false; }	  

	  // Can't save without filename and temp location
	  if(empty($this->image) || empty($this->temp_path)) {
	    $this->errors[] = "The file location was not available.";
	    return false;
	  }

		// Determine the target_path
	  $target_path = SITE_ROOT .DS.$this->upload_dir .DS. $this->image;
		// Attempt to move the file 
		if(move_uploaded_file($this->temp_path, $target_path)) {
	  	// Success
			// Save a corresponding entry to the database
			if($this->create()) {
				// We are done with temp_path, the file isn't there anymore
				unset($this->temp_path);
				return true;
			}
		} else {
			// File was not moved.
	    $this->errors[] = "The file upload failed, possibly due to incorrect permissions on the upload folder.";
	    return false;
		}
	}
}

public function destroy() {
	// First remove the database entry
	if($this->delete()) {
		// then remove the file
	  // Note that even though the database entry is gone, this object 
		// is still around (which lets us use $this->image_path()).
		$target_path = SITE_ROOT.DS.$this->image_path();
		return unlink($target_path) ? true : false;
	} else {
		// database delete failed
		return false;
	}
}

public function image_path() {
  return $this->upload_dir.DS.$this->filename;
}

public function size_as_text() {
	if($this->size < 1024) {
		return "{$this->size} bytes";
	} elseif($this->size < 1048576) {
		$size_kb = round($this->size/1024);
		return "{$size_kb} KB";
	} else {
		$size_mb = round($this->size/1048576, 1);
		return "{$size_mb} MB";
	}
}

// Common Database Methods
public static function find_all() {
	return self::find_by_sql("SELECT * FROM ".self::$table_name);
  }
  
  public static function find_by_id($id=0) {
  global $database;
    $result_array = self::find_by_sql("SELECT * FROM ".self::$table_name." WHERE product_id=".$database->escape_value($id)." LIMIT 1");
	return !empty($result_array) ? array_shift($result_array) : false;
  }
  
  public static function find_by_sql($sql="") {
    global $database;
    $result_set = $database->query($sql);
    $object_array = array();
    while ($row = $database->fetch_array($result_set)) {
      $object_array[] = self::instantiate($row);
    }
    return $object_array;
  }

public static function count_all() {
  global $database;
  $sql = "SELECT COUNT(*) FROM ".self::$table_name;
    $result_set = $database->query($sql);
  $row = $database->fetch_array($result_set);
    return array_shift($row);
}

private static function instantiate($record) {
	// Could check that $record exists and is an array
    $object = new self;
	// Simple, long-form approach:
	// $object->id 				= $record['id'];
	// $object->username 	= $record['username'];
	// $object->password 	= $record['password'];
	// $object->first_name = $record['first_name'];
	// $object->last_name 	= $record['last_name'];

	// More dynamic, short-form approach:
	foreach($record as $attribute=>$value){
	  if($object->has_attribute($attribute)) {
	    $object->$attribute = $value;
	  }
	}
	return $object;
}

private function has_attribute($attribute) {
  // We don't care about the value, we just want to know if the key exists
  // Will return true or false
  return array_key_exists($attribute, $this->attributes());
}

protected function attributes() { 
	// return an array of attribute names and their values
  $attributes = array();
  foreach(self::$db_fields as $field) {
    if(property_exists($this, $field)) {
      $attributes[$field] = $this->$field;
    }
  }
  return $attributes;
}

protected function sanitized_attributes() {
  global $database;
  $clean_attributes = array();
  // sanitize the values before submitting
  // Note: does not alter the actual value of each attribute
  foreach($this->attributes() as $key => $value){
    $clean_attributes[$key] = $database->escape_value($value);
  }
  return $clean_attributes;
}

// replaced with a custom save()
// public function save() {
//   // A new record won't have an id yet.
//   return isset($this->id) ? $this->update() : $this->create();
// }

public function create() {
	global $database;
	// Don't forget your SQL syntax and good habits:
	// - INSERT INTO table (key, key) VALUES ('value', 'value')
	// - single-quotes around all values
	// - escape all values to prevent SQL injection
	$attributes = $this->sanitized_attributes();
  $sql = "INSERT INTO ".self::$table_name." (";
	$sql .= join(", ", array_keys($attributes));
  $sql .= ") VALUES ('";
	$sql .= join("', '", array_values($attributes));
	$sql .= "')";
  if($database->query($sql)) {
    $this->product_id = $database->insert_id();
    return true;
  } else {
    return false;
  }
}

public function update() {
  global $database;
	// Don't forget your SQL syntax and good habits:
	// - UPDATE table SET key='value', key='value' WHERE condition
	// - single-quotes around all values
	// - escape all values to prevent SQL injection
	$attributes = $this->sanitized_attributes();
	$attribute_pairs = array();
	foreach($attributes as $key => $value) {
	  $attribute_pairs[] = "{$key}='{$value}'";
	}
	$sql = "UPDATE ".self::$table_name." SET ";
	$sql .= join(", ", $attribute_pairs);
	$sql .= " WHERE id=". $database->escape_value($this->id);
  $database->query($sql);
  return ($database->affected_rows() == 1) ? true : false;
}

public function delete() {
	global $database;
	// Don't forget your SQL syntax and good habits:
	// - DELETE FROM table WHERE condition LIMIT 1
	// - escape all values to prevent SQL injection
	// - use LIMIT 1
  $sql = "DELETE FROM ".self::$table_name;
  $sql .= " WHERE id=". $database->escape_value($this->id);
  $sql .= " LIMIT 1";
  $database->query($sql);
  return ($database->affected_rows() == 1) ? true : false;

	// NB: After deleting, the instance of User still 
	// exists, even though the database entry does not.
	// This can be useful, as in:
	//   echo $user->first_name . " was deleted";
	// but, for example, we can't call $user->update() 
	// after calling $user->delete().
}

}

?>

Link to comment
Share on other sites
btherl Member

btherl

Posted
Posted

update() calls sanitized_attributes() which uses $this->attributes(), which reads properties for each database field.  So you would use it like this:

 

$language->id_lang = ... ;

$language->lang = ... ;

$language->image = ... ;

$language->pozicija = ... ;

$language->update();

 

OR, you would use another class method to initialize those values, then change some of them, and then call update() to save the changes.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.