I am trying to check associative array value if it is numeric, here is my code
$data = array('fullname'=>'Salah Saed', 'age'=>'33', 'gender'=>'Female');
public function insert($data, $table){
/*$query = "INSERT INTO `oop_crud`.`customers` (";
$query .= "`fullname` , `age` , `gender` )";
$query .= "VALUES ('".$fullname."', '".$age."', '".$gender."')";
*/
$feilds = array();
$feilds_value = array();
foreach ($data as $field => $field_value){
$feilds[] = $field;
echo $field;
if (is_numeric($field_value)){
$feilds_value[] = $field_value;
}else{
$feilds_value[] = "'".$field_value."'";
}
}
$query = "INSERT INTO ".$table." (";
$query .= implode(',', $feilds).")";
$query .= "VALUES (";
$query .= implode(',',$feilds_value).")";
echo $query;
It returns string, so what is wrong with my code, in the condition section i used $field_value and this variable has array data, sow how to get array value.
First of all, MySQL inserts are type-independent, so
SET UserAge = '33'
is the same as
SET UserAge = 33
so you would be safer to just add quotes. That said, you're safest if you search for prepared statements using PDO (aka parametrized queries). Take a look at that
http://php.net/is_numeric is supposed to recognize values like 0x539 and 0b10100111001 which may not be recognized by MySQL; you would need to check these cases.
Here is simplified version of your function, in case you want to improve your query generator function,
function insert($data, $table){
$column_sql = '`' . implode('`,`', array_keys($data)) . '`';
$record_sql = "'" . implode("','", $data) . "'";
return "INSERT INTO `{$table}` ({$column_sql}) VALUES ({$record_sql})";
}
Feeding it $data and test will give
INSERT INTO `test` (`fullname`,`age`,`gender`) VALUES ('Salah Saed','33','Female')
NOTE: Need to escape values mysqli_real_escape_string(), i'll leave that upto you, as an exercise :)