Updating a mysql column with keys from another column from the same table

Question

maybe the question title is not very descriptive. That's because I really didn't know how to write it. But my problem here is that I have one table named pagemeta with three columns id , page_property and property_value and this is how it looks like:

-----------------------------------
id | page_property | property_value|
------------------------------------
1  | telephone     | 445854541     |
2  | email         | c@gmail.com   |
3  | icon          | img/1.jpg     |

So far so good. Now I have a html form which sends a post request to a php page. The $_POST array keys are named after the fields from the page_property column, like: telephone and email and icon. The $_POST array values are set from the input fields in the form. At the end I have a $_POST array with these values:

telephone=>8988989
email=>b@gmail.com
icon=> img/2.jpg

The problem begins here where I try to update the pagemeta table. I don't know how to write the UPDATE query where the fields in the property_value column are updated with their corresponding key from the $_POST array. It means that the fields in property_value should be updated related to the field values in the page_property column. Sorry for asking so unclear and complicated. I really didn't know how to explain. Any edit would be welcome and any answer would be a great help. Thanks I've search everywhere but didn't find any answer.

Answer 1

Normally when you create the HTML Form, you add a hidden field containing the id of the row you're editing.

<form>
<input type="hidden" name="id" value="1"> <!-- id of record being edited -->
<input type="tel" name="telephone" value="8988989">
<input type="email" name="email" value="b@gmail.com">
<input type="text" name="icon" value="img/2.jpg">
</form>

Your $POST array would be:

id=>1
telephone=>8988989
email=>b@gmail.com
icon=> img/2.jpg

In the absence of an Id, you would assume that you wish to create a new record i.e INSERT another row into the table.

Your table layout would also change to one containing everything in one row.

If you get an id, your UPDATE would be:

UPDATE pagemeta SET
telephone=$_POST[telephone],
email=$_POST[email],
icon=$+POST[icon]
WHERE id=$_POST[id]

NB The above SQL is for illustrative purposes only. In reality you must validate your form input to avoid SQL injection attacks

Answer 2

Ok. You are sitting inside your PHP IDE looking at some global variables and thinking 'How can I smash these into a database?'

Any decent IDE will already be warning you about using a Superglobal to retrieve data. What the IDE won't tell you is that doing what you are doing will get exploited if you ever publish it to the web.

It sounds like you are right at the start of your journey so to answer your question as you asked it:

$conn = new mysqli("servername", "username", "password", "dbname");
    foreach($_POST as $key => $value) {
        $sql = "UPDATE pagemeta SET property_value = $value WHERE page_property = $key"
        $conn->query($sql)
    }
$conn->close()

Answer 3

With this database structure, you are going to need 3 queries to update 3 values which in my opinion is pretty bad...

UPDATE pagemeta SET property_value = $_POST['telephone'] WHERE page_property = 'telephone'
UPDATE pagemeta SET property_value = $_POST['email'] WHERE page_property = 'email'
UPDATE pagemeta SET property_value = $_POST['icon'] WHERE page_property = 'icon'

You might want to rethink your database structure, I'm not sure what you win with your structure instead of doing it normal and creating a column called telephone, another called email and a last one called icon

PD: Please use prepared statements