/* ---------------------------------------------- */ /* - CPNT 262 Web Client and Server Programming - */ /* --------- Author: Stefan Richardson ---------- */ /* -------------December 7, 2015 ---------------- */ /* ---------- PHP MySQL Assignment -------------- */ /* ---------------------------------------------- */ // include important files include "functions.php"; // check to see if the $_REQUEST is set... if (isset($_REQUEST['countrycode'])) { // set a variable to hold your MySQL connection info $dbh = mysqli_connect("localhost", "travel", "password", "travelexperts"); // if the connection fails... if (!$dbh) { // print to an external function that writes the errors n a text file. printErrorLog(mysqli_connect_error()); // exit function exit; } // write the SQL code need to select data from a db table where the country code is what the user selected $sql = "SELECT provstatecode, provstatename FROM provstate WHERE countrycode='" . $_REQUEST["countrycode"] . "'"; // set a results variable to query the connection info and SQL code $result = mysqli_query($dbh, $sql); // set a variable to write the code needed for your select menu $select = "<select name='CustProv'><option>Select a province or state</option>"; // as long as there are rows, concatinate each option tag to the $select variable while ($row = mysqli_fetch_row($result)) { $select .= "<option value='{$row['0']}'>{$row['1']}</option>"; } // finish off the the select code $select .= "</select>";
function customerUpdate($data, $custid) { // set the connection information of the data to a variable // the '@' tells the server not to print out the errors that may occur $dbh = @mysqli_connect("localhost", "root", "", "custorders"); // if there is an error... if (!$dbh) { // print the time and the error to an external log printErrorLog(time() . " : " . mysqli_connect_error()); // end the function and print out the error die(mysqli_connect_error()); } // write the statement in SQL, that is needed to update the database $sql = "UPDATE customers SET fname=?, lname=?, address=?, city=?, prov=?, pcode=?, phone=? WHERE custid=?"; // create a prepare statement with the connection information and SQL code $stmt = mysqli_prepare($dbh, $sql); // bind the parammeters of the statement, the type of information being sent, and the values for the types mysqli_stmt_bind_param($stmt, "sssssssi", $data["fname"], $data["lname"], $data["address"], $data["city"], $data["prov"], $data["pcode"], $data["phone"], $data["custid"]); // create an array where the data that the user entered is the value and the field name is the key foreach ($data as $k => $v) { $setarray[] = "{$k}='{$v}'"; } // turn the array into a string and set it in the $setstring variable $setstring = implode(",", $setarray); // create another SQL code that updates the customers table where cust id equals a value $sql = "UPDATE customers SET {$setstring} WHERE custid=?"; // prepare your sql statement $stmt = mysqli_prepare($dbh, $sql); // bind all your params mysqli_stmt_bind_param($stmt, "i", $custid); // if the statement is executed, if (mysqli_stmt_execute($stmt)) { // print out how many rows are affected print "Rows updated: " . mysqli_stmt_affected_rows($stmt); } // if the database returns an error, store the results in a variable $error = mysqli_error($dbh); // make sure the database is closed mysqli_close($dbh); // return the error variable return $error; }