<?php
include "dbFunctions.php";
echo "note that a SQL zero time 0000-00-00 00:00:00 parses as\n";
var_export(strtotime('0000-00-00 00:00:00'));
$row = array("WasCanceled" => 1, "IsExpedited" => 0, "OrderedDate" => '2014-10-10 10:38:44', "PaidDate" => '0000-00-00 00:00:00');
echo "\nbefore:\n";
var_export($row);
echo "after:\n";
dbOrderNormalize2PHP($row);
var_export($row);
echo "and back again:\n";
dbOrderNormalize2SQL($row);
var_export($row);
echo "\nCheck Paypal date parsing:\n";
echo strtotime("08:12:31 Oct 13, 2014 PDT");
echo "\n";
echo date('Y-m-d H:i:s', strtotime("08:12:31 Oct 13, 2014 PDT"));
echo "\n";
function dbUpdate($table, $modifyFields, $idName, $idValue, $idName2 = null, $idValue2 = null)
{
$hadError = false;
$con = dbConnect();
if ($con == null) {
return null;
}
if ($idName == "OID") {
dbOrderNormalize2SQL($modifyFields);
} else {
if ($idName == "CID") {
dbCustomerNormalize2SQL($modifyFields);
}
}
$i = 1;
$sql = "UPDATE {$table} SET ";
foreach ($modifyFields as $column => $value) {
// escape the incoming value to prevent SQL injection
$safeValue = mysqli_real_escape_string($con, $value);
// note that the PHP triple-equal is used here, it
// specifies that the $value has to be explicitely null
// as opposed to something that "looks" like null - like zero
if ($value === null) {
$sql .= "{$column} = NULL";
} else {
$sql .= "{$column} = '{$safeValue}'";
}
if ($i != sizeOf($modifyFields)) {
$sql .= ", ";
} else {
$sql .= " ";
}
$i++;
}
$sql .= "WHERE {$idName} = {$idValue} ";
if ($idName2 != null && $idValue2 != null) {
$sql .= "AND {$idName2} = {$idValue2} ";
} else {
$sql .= "LIMIT 1;";
}
$result = mysqli_query($con, $sql);
if (!$result) {
dbErrorMsg("Error during sql insert in dbUpdate({$dbname})" . mysqli_error($con));
$hadError = true;
}
dbClose($con);
if (!$hadError) {
return $idValue;
} else {
return 0;
}
}
