<?php include "dbFunctions.php"; echo "note that a SQL zero time 0000-00-00 00:00:00 parses as\n"; var_export(strtotime('0000-00-00 00:00:00')); $row = array("WasCanceled" => 1, "IsExpedited" => 0, "OrderedDate" => '2014-10-10 10:38:44', "PaidDate" => '0000-00-00 00:00:00'); echo "\nbefore:\n"; var_export($row); echo "after:\n"; dbOrderNormalize2PHP($row); var_export($row); echo "and back again:\n"; dbOrderNormalize2SQL($row); var_export($row); echo "\nCheck Paypal date parsing:\n"; echo strtotime("08:12:31 Oct 13, 2014 PDT"); echo "\n"; echo date('Y-m-d H:i:s', strtotime("08:12:31 Oct 13, 2014 PDT")); echo "\n";
function dbUpdate($table, $modifyFields, $idName, $idValue, $idName2 = null, $idValue2 = null) { $hadError = false; $con = dbConnect(); if ($con == null) { return null; } if ($idName == "OID") { dbOrderNormalize2SQL($modifyFields); } else { if ($idName == "CID") { dbCustomerNormalize2SQL($modifyFields); } } $i = 1; $sql = "UPDATE {$table} SET "; foreach ($modifyFields as $column => $value) { // escape the incoming value to prevent SQL injection $safeValue = mysqli_real_escape_string($con, $value); // note that the PHP triple-equal is used here, it // specifies that the $value has to be explicitely null // as opposed to something that "looks" like null - like zero if ($value === null) { $sql .= "{$column} = NULL"; } else { $sql .= "{$column} = '{$safeValue}'"; } if ($i != sizeOf($modifyFields)) { $sql .= ", "; } else { $sql .= " "; } $i++; } $sql .= "WHERE {$idName} = {$idValue} "; if ($idName2 != null && $idValue2 != null) { $sql .= "AND {$idName2} = {$idValue2} "; } else { $sql .= "LIMIT 1;"; } $result = mysqli_query($con, $sql); if (!$result) { dbErrorMsg("Error during sql insert in dbUpdate({$dbname})" . mysqli_error($con)); $hadError = true; } dbClose($con); if (!$hadError) { return $idValue; } else { return 0; } }