/**
 * Insert one row into a table through a prepared statement.
 *
 * Only the values are passed to execute(). $table, and the field and
 * placeholder lists derived from the array keys, are concatenated into the
 * SQL text itself, so table and column names must come from code-controlled
 * constants or an allow-list, never straight from request data.
 *
 * @param mixed  $db           Database connection; prepare() and lastInsertId() are called on it.
 * @param string $table        Name of the table to insert the row into.
 * @param array  $propValArray Column => value map, e.g. array("prop1" => val1, "prop2" => val2, ...).
 *
 * @return array "result" holds the return value of execute(), "insertID" the value of
 *               $db->lastInsertId() read right after the insert.
 */
public static function performInsertQuery($db, $table, $propValArray)
{
    $columns = array_keys($propValArray);
    $fieldSql = self::genFieldList($columns);
    $placeholderSql = self::genPlaceholderList($columns);

    // Identifiers are spliced in as text; the row values travel separately via execute().
    $sql = "INSERT INTO " . $table
        . " (" . $fieldSql
        . ") VALUES (" . $placeholderSql
        . ")";

    $statement = $db->prepare($sql);
    $succeeded = $statement->execute(DBHelper::genExecuteArray($propValArray));

    return [
        "result" => $succeeded,
        "insertID" => $db->lastInsertId(),
    ];
}
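/**
 * Validate and store changed profile fields for one user.
 *
 * Every key of $changedprofile must be on the allow-list below; a single
 * unknown key rejects the whole request and nothing is written. The allow-list
 * is also what keeps caller-supplied key names out of the UPDATE statement
 * (DBHelper::genPrepareString is not visible here; presumably it turns the
 * keys into the SET clause, so do not weaken this check).
 *
 * NOTE(review): nothing in this method checks that the caller is allowed to
 * edit $userid; confirm that the caller enforces this.
 *
 * @param mixed $userid         Id of the user row to update; bound as :userid.
 * @param array $changedprofile Map of profile property => new value.
 *
 * @return array "result" is false together with an "error" message when validation
 *               fails; otherwise "result" is the return value of execute().
 */
public function setUserProfile($userid, $changedprofile)
{
    /*
     * Properties a user may change. Not including:
     * zipcode, userimage, userimage_thumbnail, height, armspan, apeindex, weight
     */
    $validprofile = [
        "email", "firstname", "lastname", "birthday", "date_climbingstart",
        "gender", "main_gym", "aboutme", "countryCode", "main_crag",
    ];

    $fieldCount = 0;
    foreach ($changedprofile as $key => $val) {
        $fieldCount++;

        // Strict comparison: on PHP < 8 a loose in_array() treats an integer
        // key such as 0 as equal to any non-numeric string, which would let
        // it slip past the allow-list.
        if (!in_array($key, $validprofile, true)) {
            // Previously this path fell off the end of the function and returned null.
            return ["result" => false, "error" => "Invalid profile property."];
        }

        switch ($key) {
            case "email":
                if (!filter_var($val, FILTER_VALIDATE_EMAIL)) {
                    return ["result" => false, "error" => "Invalid email address."];
                }
                break;

            case "birthday":
            case "date_climbingstart":
                $dateIsValid = false;
                if (is_string($val)) {
                    $date = DateTime::createFromFormat('Y-m-d', $val);
                    $date_errors = DateTime::getLastErrors();
                    // getLastErrors() returns false rather than an array on
                    // PHP >= 8.2 when the parse produced no warnings or errors.
                    $problemCount = is_array($date_errors)
                        ? $date_errors['warning_count'] + $date_errors['error_count']
                        : 0;
                    $dateIsValid = $date !== false && $problemCount === 0;
                }
                if (!$dateIsValid) {
                    return ["result" => false, "error" => "Invalid date for: [" . $key . "]"];
                }
                break;

            case "gender":
                // Strict, so values like 0 or true cannot match a label by type juggling.
                if (!in_array($val, ["Male", "Female", "Other"], true)) {
                    return ["result" => false, "error" => "Invalid gender specified"];
                }
                break;

            case "main_gym":
            case "main_crag":
                // Area type 1 is used for main_gym, 0 for main_crag.
                $areaType = $key === "main_gym" ? 1 : 0;
                if (!ClimbingAreaDAO::climbingAreaExists($val, $areaType)) {
                    return ["result" => false, "error" => "Climbing area does not exist."];
                }
                break;

            case "countryCode":
                // TODO: check that the country code exists. Until then the
                // value is stored without any validation.
                break;

            default:
                // firstname, lastname, aboutme: stored as given, so they need
                // output encoding wherever they are rendered.
                break;
        }
    }

    if ($fieldCount === 0) {
        // Nothing to write: avoid preparing an UPDATE with an empty SET clause.
        return ["result" => false, "error" => "No profile properties given."];
    }

    $prepStr = DBHelper::genPrepareString($changedprofile);
    $stmtStr = "UPDATE userdata SET " . $prepStr . " WHERE userid=:userid";
    $stmt = $this->db->prepare($stmtStr);

    $executeArray = DBHelper::genExecuteArray($changedprofile);
    $executeArray[':userid'] = $userid;

    return ["result" => $stmt->execute($executeArray)];
}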