UBB.Developers Forums Community Development Programming PHP and Server-side Scripting OOP insanity

I'm trying to write a reusable function to add/update/delete records from a dataset.

I've got about 7 functions that are all copied from the first one I wrote, and they all pretty much contain the same code with the exception of the form fields, db fields, and database tables.

I'm trying to make it so that I can detect what type of transaction is needed, get the correct fields declared, build a SQL and process.

Here's the problem...

I'm calling a routine called fm_lib::do_add which is my add routine processor. Inside there, it needs to be intelligent enough to detect that I'm working with the contact_us function, get the form data, build a query, and process the form properly.

I have 4 parts to the routine - form validation, SQL assembly, SQL execution, do_confirm (a confirmation message)

I'm having problems with the getting the proper form variables from the post to build the SQL.

Any ideas?

Are your form variables just not showing up? How exactly are you trying to reference them? If I can get a better idea of the exact problem you're having, I might be able to lend a hand.

That would the the problem. I'm not able to get the form vars properly addressed.

Right now, I'm guessing its a scope problem with the vars. I'm trying to set globals from an included file. I'm guessing there is a better way to do this.

Are you trying to reference these form vars from within a function? If so then, from that point it depends on how you're trying to reference them. Shooting in the dark here, but there could be a variety of scenarios.

Scenario 1
You program with register_globals on. Which means if you have a form variabled named "bar" then you just directly reference it with $bar in your script. If you try to do this inside a function it won't work due to scope. So you'd need to globalize it, like below.



Scenario 2
You program with register globals off. Which means you might reference your form variables by using the $HTTP_POST_VARS and $HTTP_GET_VARS arrays. For this to work, you need to globalize those arrays as well to get access to your form vars in your functions.



If it turns out to be a scenario 2 issue, then if your running at least version 4.1 of PHP then you can make it easier on yourself by using the $_POST and $_GET arrays. These are superglobals so you don't need to globalize them to get access to the keys within. So the following would work, just like scenario 2.



Of course, there could be a scenario 3 in where I totally missed the mark

I appreciate the nudge in the right direction.

I do have Register globals off. Most of my references to form fields are through the post variables. I'm going to play with it more today and see how insane I really im.

So do I I always appreciate Scream's tidbits pushes me further into my projects also

Yeah, I got it figured out.

I just need to preassemble my SQL statements with the $_POST vars, and just pass the statement to my SQL processor, and display confirmation.

Now I can have a generic processor for my add statements.

Make sure that you validate the SQL statements before executing them.
It's a security risc if you use the $_POST vars without any validation.

I have a validation routine before the SQL is retrieved and executed. I just have the statement preassembled and ready to be called. That is in addition to some brute force Permission checking that is done before it even tries to read the post vars.