This may not be an option for many people, 'cause ISPs and web hosts may
not be forward-thinking enough to install PDO or recent PHP, but...
PDO can do do this in a very database independant way, without having to
do the equivalent of "mysql_real_escape_string":
$table = 'xyz';
$data = array(
'Field1' => "Data1",
'Field2' => "Data2"
);
$fields = implode(',',array_keys($data));
$placeholders = ':' . implode(',:',array_keys($data));
$stmt = $dbh->prepare("INSERT INTO $table ($fields) VALUES($placeholders)");
$stmt->execute($data);
With the added bonus that you can insert multiple rows quickly without
having to rebuild any queries...
$stmt->execute($data1);
$stmt->execute($data2);
...
$stmt->execute($dataN);
(And PDO is super-fast compared to some other similar PHP-based libraries.)
jon
[EMAIL PROTECTED] wrote:
My contribution to the insanity.. INSERT statements made easy:
$genericQY = "INSERT INTO MOD_LMGR_Leads ("; $genericQYvalues = "
VALUES (";
$genericQY .= " FirstName,"; $genericQYvalues .= "
'John',";
$genericQY .= " LastName"; $genericQYvalues .= "
'Smith'";
$genericQY .= " )"; $genericQYvalues .= "
);";
$genericQY .= $genericQYvalues;
$genericRS = mysql_query($genericQY);
You call that readable??
$vals = array();
$vals['FirstName'] = 'John';
$vals['LastName'] = 'Smith';
$query = mysql_query(BuildInsert('MOD_LMGR_Leads', $vals));
function BuildInsert($table, $values)
{
foreach (array_keys($values) as $key)
$values[$key] = mysql_real_escape_string($values[$key]);
$sql = 'insert into `'.$table.'` (`';
$sql.= implode('`,`', array_keys($values));
$sql.= '`) values ("';
$sql.= implode('","', array_values($values));
$sql.= '")';
return $sql;
}
Note that this is a *very* cut down and untested version of BuildInsert.
-Stut
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
