0

I'm trying to do this: 

class database {    
function editProvider($post)
{   
    $sql = "UPDATE tbl SET ";
        foreach($post as $key => $val):
            if($key != "providerId")
            {
                $val = formValidate($val);
                $sqlE[] = "`$key`='$val'"; 
            }
        endforeach;

    $sqlE = implode(",", $sqlE);

    $where = ' WHERE `id` = \''.$post['id'].'\'';
    $sql = $sql . $sqlE . $where;

    $query = mysql_query($sql);

    if($query){
        return true;
    }
}
//
}//end class

And then use this function * INSIDE of another class *: 

function formValidate($string){
  $string = trim($string);
  $string = mysql_real_escape_string($string);
  return $string;
}
//

.. on $val. Why doesn't this work? if I write in a field of the form, it's not escaping anything at all. How can that be?

* UPDATE * handler.php:

if(isset($_GET['do'])){

if($_GET['do'] == "addLogin")
{
    $addLogin = $db->addLogin($_POST);
}

if($_GET['do'] == "addProvider")
{
    $addProvider = $db->addProvider($_POST);
}

if($_GET['do'] == "editProfile")
{
    $editProfile = $db->editProfile($_POST);
}

if($_GET['do'] == "editProvider")
{
    $editProvider = $db->editProvider($_POST);
}
}
//end if isset get do

** The editProvider function works fine except for this :-) **

Improve this question
9
  • 1
    Where have you declared the two functions (in different classes)? Commented Nov 18, 2011 at 17:12
  • Its hard to see what the problem is because you said it is calling a function inside a class but you provide only two functions and no class. Its hard to see the scope and also can you try putting an echo at the beginning and end of the formValidate function to see if it is actually calling it. Please try and provide this debug info. Thanks! Commented Nov 18, 2011 at 17:15
  • I've added the different classes, where the functions is inside. editProvider is inside class database, and formValidate is inside class validate. Does this help you? Commented Nov 18, 2011 at 17:22
  • Yes please see Jose Vega's comment. Hope that helps! But just a sidenote -- if you had kept the validate as a simple function instead of putting it into a class you would have been able to do what you had originally, but instead putting it into a class forced you to instantiate that class, hopefully that's what you want. Also see calling functions statically:php.net/manual/en/language.oop5.static.php Commented Nov 18, 2011 at 17:28
  • But I am trying to use the $this->.. I just thought it had to be inside of a class, since you started talking about it. Now it's NOT inside of a class, but still it doesn't work with $this-> Commented Nov 18, 2011 at 17:35

3 Answers 3

Reset to default
2

You need to instantiate that validate class and than once instantiated you will need to call that function in that class with your value parameters.

Inside your editProvider you can have:

$validator = new validate();
$val = $validator->formValidate($val);

If the above doesn't work, try the following:

$val = mysql_real_escape_string(trim($val));

and see if it works, if it does it has to do with the correct function not being called.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Can you verify that formValidate is actually firing? Add an echo $string and make suer its receiving the correct parameter.
I am trying to use this without using the functions inside a class. And tried $this-> but it seems it doesn't work.
It seems like it doesn't even work if I'm doing this: mysql_real_escape_string($val); so it might be something before all this? :-s I'm having a handler.php where im sending the $_POST to the function.. I've edited my question for the handler.php to see.
1

Not sure why you are so bent on using $this vs a static implementation. IMO, a static call makes this code much easier. If you really want access to $this->formValidatString() from your database class, you will have to do class database extends MyOtherClass.

Here is how easy it would be to do a static call:

class database {

    public function editProvider($post)
    {   
        $sql = "UPDATE tbl SET ";
        foreach($post as $key => $val):
            if($key != "providerId")
            {
                $val = MyOtherClass::formValidate($val);
                $sqlE[] = "`$key`='$val'"; 
            }
        endforeach;

        $sqlE = implode(",", $sqlE);

        $where = ' WHERE `id` = \''.$post['id'].'\'';
        $sql = $sql . $sqlE . $where;

        $query = mysql_query($sql);

        if($query){
            return true;
        }
    }        
}//end class

class MyOtherClass
{
    public static function formValidate($string) {

        if (strlen($string) < 1) {
            throw new Exception('Invalid $string ' . $string . ');
        }

        $string = trim($string);
        $string = mysql_real_escape_string($string);

        return $string;
    }
}
Improve this answer

2 Comments

This still doesn't work. Please read the other comments. I'm writting that not even mysql_real_escape_string($val) works.. :-S I don't know what's going on here.
@Kolind: Updated code, the exception will let you know if a val you pass in is legitimate.
0

You don't need to have an instance for this purpose. Just do validate::formValidate($val);.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.