--- branches/pear-db/admin/include/insert.php 2004/03/05 13:42:57 47
+++ branches/pear-db/admin/include/insert.php 2004/03/06 02:44:16 55
@@ -70,23 +70,12 @@
if ($err_code == 0) {
// Clean up strings
- if (strlen($coursesub) > 0) $coursesub = textInmySQL($coursesub);
- if (strlen($coursesub_descr) > 0) $coursesub_descr = textInmySQL($coursesub_descr);
- if (strlen($cip_code) > 0) $cip_code = textInmySQL($cip_code);
// Set up SQL
- $sql = "INSERT INTO coursesub (coursesub, coursesub_descr, cip_code, campus_id) VALUES ('"
- . $coursesub
- . "', '"
- . $coursesub_descr
- . "', '"
- . $cip_code
- . "', "
- . $campus_id
- . ")";
+ $sql = "INSERT INTO coursesub (coursesub, coursesub_descr, cip_code, campus_id) VALUES ( ? , ? , ? , ? )";
// Write the new row to the database
- if (!xx_query($sql, $con)){
+ if (!xx_prepare_execute($sql, $coursesub, $coursesub_descr, $cip_code, $campus_id)){
sql_err($con);
xx_query ("UNLOCK TABLES", $con);
bailout();
@@ -147,25 +136,13 @@
if ($err_code == 0) {
// Clean up strings
- if (strlen($faculty_lastname) > 0) $faculty_lastname = textInmySQL($faculty_lastname);
- if (strlen($faculty_firstname) > 0) $faculty_firstname = textInmySQL($faculty_firstname);
- if (strlen($faculty_email) > 0) $faculty_email = textInmySQL($faculty_email);
- if (strlen($faculty_account) > 0) $faculty_account = textInmySQL($faculty_account);
// Set up SQL
$sql = "INSERT INTO faculty (faculty_lastname, faculty_firstname,
- faculty_email, faculty_account) VALUES ('"
- . $faculty_lastname
- . "', '"
- . $faculty_firstname
- . "', '"
- . $faculty_email
- . "', '"
- . $faculty_account
- . "')";
+ faculty_email, faculty_account) VALUES ( ? , ? , ? , ? )";
// Write the new row to the database
- if (!xx_query($sql, $con)){
+ if (!xx_prepare_execute($sql, $faculty_lastname, $faculty_firstname, $faculty_email, $faculty_account)){
sql_err($con);
xx_query ("UNLOCK TABLES", $con);
bailout();
@@ -224,21 +201,12 @@
if ($err_code == 0) {
// Clean up strings
- if (strlen($feature) > 0) $feature = textInmySQL($feature);
- if (strlen($image_alt) > 0) $image_alt = textInmySQL($image_alt);
- if (strlen($image_path) >0) $image_path = textInmySQL($image_path);
// Set up SQL
- $sql = "INSERT INTO feature (feature, image_alt, image_path) VALUES ('"
- . $feature
- . "', '"
- . $image_alt
- . "', '"
- . $image_path
- . "')";
+ $sql = "INSERT INTO feature (feature, image_alt, image_path) VALUES ( ? , ? , ? )";
// Write the new row to the database
- if (!xx_query($sql, $con)){
+ if (!xx_prepare_execute($sql, $feature, $image_alt, $image_path)){
sql_err($con);
xx_query ("UNLOCK TABLES", $con);
bailout();
@@ -299,19 +267,12 @@
if ($err_code == 0) {
// Clean up strings
- if (strlen($infotype) > 0) $infotype = textInmySQL($infotype);
// Set up SQL
- $sql = "INSERT INTO infotype (infotype, masterinfotype_id, mastersubject_id) VALUES ('"
- . $infotype
- . "', "
- . $masterinfotype_id
- . ", "
- . $mastersubject_id
- . ")";
+ $sql = "INSERT INTO infotype (infotype, masterinfotype_id, mastersubject_id) VALUES ( ? , ? , ? )";
// Write the new row to the database
- if (!xx_query($sql, $con)){
+ if (!xx_prepare_execute($sql, $infotype, $masterinfotype_id, $mastersubject_id)){
sql_err($con);
xx_query ("UNLOCK TABLES", $con);
bailout();
@@ -387,26 +348,20 @@
// Add only if no errors encountered
if ($err_code == 0) {
- if (strlen($libunit) > 0) $libunit = textInmySQL($libunit);
- if (strlen($libunit_abbrev) > 0) $libunit_abbrev = textInmySQL($libunit_abbrev);
- $sql = "INSERT INTO libunit (libunit, libunit_abbrev, head_staff_id) VALUES ('"
- . $libunit
- . "', '"
- . $libunit_abbrev
- . "', "
- . $head_staff_id
- . ")";
+ $sql = "INSERT INTO libunit (libunit, libunit_abbrev, head_staff_id) VALUES ( ? , ? , ? )";
// Write the new row to the database
xx_query ("LOCK TABLE libunit WRITE", $con);
- if (!xx_query($sql, $con)){
+ if (!xx_prepare_execute($sql, $libunit, $libunit_abbrev, $head_staff_id)){
sql_err($con);
xx_query ("UNLOCK TABLES", $con);
bailout();
}
else {
- $libunit_id = xx_insert_id($con);
+ // $libunit_id = xx_insert_id($con)
+ $insert_res = xx_prepare_execute("select 1 as id from libunit where libunit = ? and libunit_abbrev = ? and head_staff_id = ?", $libunit, $libunit_abbrev, $head_staff_id);
+ list($libunit_id) = $insert_res->fetchRow(DB_FETCHMODE_ORDERED);
xx_query("UNLOCK TABLES", $con);
formLibunit($con, $libunit_id);
}
@@ -470,50 +425,14 @@
if ($err_code == 0) {
// Clean up strings
- if (strlen($location) > 0) $location = textInmySQL($location);
- if (strlen($location_descr) > 0) $location_descr = textInmySQL($location_descr);
- if (strlen($campus) > 0) $campus = textInmySQL($campus);
- if (strlen($address1) > 0) $address1 = textInmySQL($address1);
- if (strlen($address2) > 0) $address2 = textInmySQL($address2);
- if (strlen($address3) > 0) $address3 = textInmySQL($address3);
- if (strlen($address4) > 0) $address4 = textInmySQL($address4);
- if (strlen($telephone) > 0) $telephone = textInmySQL($telephone);
- if (strlen($mainURL) > 0) $mainURL = textInmySQL($mainURL);
- if (strlen($referenceURL) > 0) $referenceURL = textInmySQL($referenceURL);
- if (strlen($mapURL) > 0) $mapURL = textInmySQL($mapURL);
- if (strlen($hoursURL) > 0) $hoursURL = textInmySQL($hoursURL);
// Set up SQL
$sql = "INSERT INTO location (location, location_descr, campus, address1,
address2, address3, address4, telephone, mainURL, referenceURL,
- mapURL, hoursURL) VALUES ('"
- . $location
- . "', '"
- . $location_descr
- . "', '"
- . $campus
- . "', '"
- . $address1
- . "', '"
- . $address2
- . "', '"
- . $address3
- . "', '"
- . $address4
- . "', '"
- . $telephone
- . "', '"
- . $mainURL
- . "', '"
- . $referenceURL
- . "', '"
- . $mapURL
- . "', '"
- . $hoursURL
- . "')";
+ mapURL, hoursURL) VALUES ( ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? )";
// Write the new row to the database
- if (!xx_query($sql, $con)){
+ if (!xx_prepare_execute($sql, $location, $location_descr, $campus, $address1, $address2, $address3, $address4, $telephone, $mainURL, $referenceURL, $mapURL, $hoursURL)){
sql_err($con);
xx_query ("UNLOCK TABLES", $con);
bailout();
@@ -567,79 +486,37 @@
if ($err_code == 0) {
// Clean up strings
- if (strlen($annotation) > 0) $annotation = textInmySQL($annotation);
- if (strlen($author) > 0) $author = textInmySQL($author);
- if (strlen($call_no) > 0) $call_no = textInmySQL($call_no);
- if (strlen($cat_num) > 0) $cat_num = textInmySQL($cat_num);
- if (strlen($coverage_detail) > 0) $coverage_detail = textInmySQL($coverage_detail);
- if (strlen($edition) > 0) $edition = textInmySQL($edition);
- if (strlen($other_title) > 0) $other_title = textInmySQL($other_title);
- if (strlen($pub_date) > 0) $pub_date = textInmySQL($pub_date);
- if (strlen($publisher) > 0) $publisher = textInmySQL($publisher);
- if (strlen($sources_indexed) > 0) $sources_indexed = textInmySQL($sources_indexed);
- if (strlen($title) > 0) $title = textInmySQL($title);
- if (strlen($url) > 0) $url = textInmySQL($url);
// Build the SQL
$sql = "INSERT INTO resource (annotation, author, call_no, cat_num,
coverage_detail, date_created, date_modified, edition,
infotype_id, other_title, pub_date, publisher, sources_indexed,
- title, url, account_created) VALUES ('"
- . $annotation
- . "', '"
- . $author
- . "', '"
- . $call_no
- . "', '"
- . $cat_num
- . "', '"
- . $coverage_detail
- . "', now(), now(), '"
- . $edition
- . "', "
- . $infotype_id
- . ", '"
- . $other_title
- . "', '"
- . $pub_date
- . "', '"
- . $publisher
- . "', '"
- . $sources_indexed
- . "', '"
- . $title
- . "', '"
- . $url
- . "', '"
- . $sess_staff_account
- . "')";
+ title, url, account_created) VALUES ( ? , ? , ? , ? , ? , now(), now(), ? , ? , ? , ? , ? , ? , ? , ? , ? )";
// Debugging
// printf("sql was: %s
", $sql);
// Write the new record to the database
xx_query ("LOCK TABLE resource WRITE", $con);
- if (!xx_query($sql, $con)){
+ if (!xx_prepare_execute($sql, $annotation, $author, $call_no, $cat_num, $coverage_detail, $edition, $infotype_id, $other_title, $pub_date, $publisher, $sources_indexed, $title, $url, $sess_staff_account)){
sql_err($con);
xx_query ("UNLOCK TABLES", $con);
bailout();
}
else {
- $resource_id = xx_insert_id($con);
+ // $resource_id = xx_insert_id($con)
+ $insert_res = xx_prepare_execute("select 1 as id from resource where annotation = ? and author = ? and call_no = ? and cat_num = ? and coverage_detail = ? and date_created = ? and date_modified = ? and edition = ? and infotype_id = ? and other_title = ? and pub_date = ? and publisher = ? and sources_indexed = ? and title = ? and url = ? and account_created = ?", $annotation, $author, $call_no, $cat_num, $coverage_detail, $edition, $infotype_id, $other_title, $pub_date, $publisher, $sources_indexed, $title, $url, $sess_staff_account);
+ list($resource_id) = $insert_res->fetchRow(DB_FETCHMODE_ORDERED);
xx_query("UNLOCK TABLES", $con);
// Now set up this resource with its first mastersubject
// Note that id#1 = N/A and id#2 = (All), and are not used here.
if ($mastersubject_id > 2) {
- $sql = "INSERT INTO res_mastersubject (resource_id, mastersubject_id) VALUES ("
- . $resource_id
- . ", "
- . $mastersubject_id
- . ")";
+ $sql = "INSERT INTO res_mastersubject (resource_id, mastersubject_id) VALUES ( ? , ? )";
// Write the new res_mastersubject to the database
xx_query ("LOCK TABLE res_mastersubject WRITE", $con);
- if (!xx_query($sql, $con)){
+ if (!xx_prepare_execute($sql, $resource_id, $mastersubject_id)){
sql_err($con);
xx_query ("UNLOCK TABLES", $con);
bailout();
@@ -717,27 +594,22 @@
if ($err_code == 0){
// Clean up strings
- $newValue = textInmySQL($newValue);
// Build the SQL
- $sql = "INSERT INTO "
- . $table
- ." ("
- . $field
- . ") VALUES ('"
- . $newValue
- . "')";
+ $sql = "INSERT INTO ? ( ? ) VALUES ( ? )";
// Debugging
// printf("sql was: %s
", $sql);
- if (!xx_query ($sql, $con)){
+ if (!xx_prepare_execute($sql, $table, $field, $newValue)){
sql_err($sql);
xx_query ("UNLOCK TABLES", $con);
bailout();
}
else {
- $new_id = xx_insert_id($con);
+ // $new_id = xx_insert_id($con)
+ $insert_res = xx_prepare_execute("select 1 as id from ? where ? = ?", $table, $field, $newValue);
+ list($new_id) = $insert_res->fetchRow(DB_FETCHMODE_ORDERED);
xx_query ("UNLOCK TABLES", $con);
printf("%s %s successfully added.\n", $display, $newValue_display);
}
@@ -784,53 +656,23 @@
if ($err_code == 0) {
// Clean up strings
- if (strlen($address1) > 0) $address1 = textInmySQL($address1);
- if (strlen($address2) > 0) $address2 = textInmySQL($address2);
- if (strlen($address3) > 0) $address3 = textInmySQL($address3);
- if (strlen($address4) > 0) $address4 = textInmySQL($address4);
- if (strlen($email) > 0) $email = textInmySQL($email);
- if (strlen($fax) > 0) $fax = textInmySQL($fax);
- if (strlen($service) > 0) $service = textInmySQL($service);
- if (strlen($serviceDescr) > 0) $serviceDescr = textInmySQL($serviceDescr);
- if (strlen($serviceURL) > 0) $serviceURL = textInmySQL($serviceURL);
- if (strlen($telephone) > 0) $telephone = textInmySQL($telephone);
// Set up SQL
$sql = "INSERT INTO service (address1, address2, address3, address4,
email, fax, nonaff, service, serviceDescr, serviceURL,
- telephone) VALUES ('"
- . $address1
- . "', '"
- . $address2
- . "', '"
- . $address3
- . "', '"
- . $address4
- . "', '"
- . $email
- . "', '"
- . $fax
- . "', '"
- . $nonaff
- . "', '"
- . $service
- . "', '"
- . $serviceDescr
- . "', '"
- . $serviceURL
- . "', '"
- . $telephone
- . "')";
+ telephone) VALUES ( ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? )";
// Write the new row to the database
xx_query ("LOCK TABLE service WRITE", $con);
- if (!xx_query($sql, $con)){
+ if (!xx_prepare_execute($sql, $address1, $address2, $address3, $address4, $email, $fax, $nonaff, $service, $serviceDescr, $serviceURL, $telephone)){
sql_err($con);
xx_query ("UNLOCK TABLES", $con);
bailout();
}
else {
- $service_id = xx_insert_id($con);
+ // $service_id = xx_insert_id($con)
+ $insert_res = xx_prepare_execute("select 1 as id from service where address1 = ? and address2 = ? and address3 = ? and address4 = ? and email = ? and fax = ? and nonaff = ? and service = ? and serviceDescr = ? and serviceURL = ? and telephone = ?", $address1, $address2, $address3, $address4, $email, $fax, $nonaff, $service, $serviceDescr, $serviceURL, $telephone);
+ list($service_id) = $insert_res->fetchRow(DB_FETCHMODE_ORDERED);
xx_query("UNLOCK TABLES", $con);
formService($con, $service_id);
}
@@ -904,33 +746,17 @@
if ($err_code == 0) {
// Clean up strings
- if (strlen($first_name) > 0) $first_name = textInmySQL($first_name);
- if (strlen($last_name) > 0) $last_name = textInmySQL($last_name);
- if (strlen($staff_account) > 0) $staff_account = textInmySQL($staff_account);
- if (strlen($staff_email) > 0) $staff_email = textInmySQL($staff_email);
// Set up SQL
$sql = "INSERT INTO staff (access_id, first_name, last_name, stafftitle_id,
- staff_account, staff_email) VALUES ("
- . $access_id
- . ", '"
- . $first_name
- . "', '"
- . $last_name
- . "', "
- . $stafftitle_id
- . ", '"
- . $staff_account
- . "', '"
- . $staff_email
- . "')";
+ staff_account, staff_email) VALUES ( ? , ? , ? , ? , ? , ? )";
// Debugging
// printf("sql was: %s
\n", $sql);
// Write the new row to the database
xx_query ("LOCK TABLE staff WRITE", $con);
- if (!xx_query($sql, $con)){
+ if (!xx_prepare_execute($sql, $access_id, $first_name, $last_name, $stafftitle_id, $staff_account, $staff_email)){
sql_err($con);
xx_query ("UNLOCK TABLES", $con);
bailout();
@@ -938,7 +764,9 @@
else {
// Success, call formStaff back.
- $staff_id = xx_insert_id($con);
+ // $staff_id = xx_insert_id($con)
+ $insert_res = xx_prepare_execute("select 1 as id from staff where access_id = ? and first_name = ? and last_name = ? and stafftitle_id = ? and staff_account = ? and staff_email = ?", $access_id, $first_name, $last_name, $stafftitle_id, $staff_account, $staff_email);
+ list($staff_id) = $insert_res->fetchRow(DB_FETCHMODE_ORDERED);
xx_query("UNLOCK TABLES", $con);
formStaff($con, $staff_id);
}
@@ -1002,24 +830,12 @@
if ($err_code == 0) {
// Clean up strings
- if (strlen($css_file) > 0) $css_file = textInmySQL($css_file);
- if (strlen($footer_file) > 0) $footer_file = textInmySQL($footer_file);
- if (strlen($header_file) > 0) $header_file = textInmySQL($header_file);
- if (strlen($style_title) > 0) $style_title = textInmySQL($style_title);
// Set up SQL
- $sql = "INSERT INTO style (css_file, footer_file, header_file, style_title) VALUES ('"
- . $css_file
- . "', '"
- . $footer_file
- . "', '"
- . $header_file
- . "', '"
- . $style_title
- . "')";
+ $sql = "INSERT INTO style (css_file, footer_file, header_file, style_title) VALUES ( ? , ? , ? , ? )";
// Write the new row to the database
- if (!xx_query($sql, $con)){
+ if (!xx_prepare_execute($sql, $css_file, $footer_file, $header_file, $style_title)){
sql_err($con);
xx_query ("UNLOCK TABLES", $con);
bailout();
@@ -1071,39 +887,27 @@
if ($err_code == 0) {
// Clean up strings
- $subject = textInmySQL($subject);
- if (strlen($subject_descr) > 0) $subject_descr = textInmySQL($subject_descr);
// Set up SQL
- $sql = "INSERT INTO subject (subject, subject_descr, sublocation_id, rqs_date_created, rqs_account_created) VALUES ('"
- . $subject
- . "', '"
- . $subject_descr
- . "', "
- . $sublocation_id
- . ", now(), '"
- . $sess_staff_account
- . "')";
+ $sql = "INSERT INTO subject (subject, subject_descr, sublocation_id, rqs_date_created, rqs_account_created) VALUES ( ? , ? , ? , now(), ? )";
// Write the new row to the database
xx_query ("LOCK TABLE subject WRITE", $con);
- if (!xx_query($sql, $con)){
+ if (!xx_prepare_execute($sql, $subject, $subject_descr, $sublocation_id, $sess_staff_account)){
sql_err($con);
xx_query ("UNLOCK TABLES", $con);
bailout();
}
else {
- $subject_id = xx_insert_id($con);
+ // $subject_id = xx_insert_id($con)
+ $insert_res = xx_prepare_execute("select 1 as id from subject where subject = ? and subject_descr = ? and sublocation_id = ? and rqs_account_created = ?", $subject, $subject_descr, $sublocation_id, $sess_staff_account);
+ list($subject_id) = $insert_res->fetchRow(DB_FETCHMODE_ORDERED);
xx_query("UNLOCK TABLES", $con);
// Insert this staff person as an assigned staff member to this subject
- $sql = "INSERT INTO sub_staff (subject_id, staff_id) VALUES ("
- . $subject_id
- . ", "
- . $sess_staff_id
- . ")";
+ $sql = "INSERT INTO sub_staff (subject_id, staff_id) VALUES ( ? , ? )";
- if (!xx_query($sql, $con)){
+ if (!xx_prepare_execute($sql, $subject_id, $sess_staff_id)){
sql_err($con);
xx_query ("UNLOCK TABLES", $con);
bailout();