updateProperty: Insert date causes SQL error

[You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\"2009-11-29 17:53:49\" WHERE id = 1']

Hi there. I am using the modified class from  Downlord and I am trying to insert a date into the DB. But whatever I write I always get a MySQL error like ?
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\"2009-11-29 17:53:49\" WHERE id = 1'.

Other MySQL commands (the first two) work fine. But how do I have to write and formate the date to pass it through and save it?
$update = array(
    'loginCount' => 'loginCount+1',
    'lastLogin' => 'NOW()',
    'lastVisit' => '"2009-11-29 17:53:49"'
    );
$user->updateProperty($update);?>

That is the updateProperty method from the userclass:
public function updateProperty($properties)
  {
    if(is_array($properties) && count($properties) > 0)
    {
      $i=1;
      $query = "UPDATE ".$this->dbTable." SET ";

      foreach($properties AS $k => $v)
      {
        /*if($k == $tbFields['pass'])
        {
          switch(strtolower($this->passMethod))
          {
            case 'sha1':
              $v = sha1($v);
              break;
            case 'md5' :
              $v = md5($v);
              break;
            default:
          }
        }*/
        $query .= "".$this->escape($k)." = ".$this->escape($v)."".(($i++ < count($properties)) ? ', ' : ' ');
      }

      $query .= "WHERE ".$this->tbFields['userID']." = ".$this->userID."";
      if($this->mysqli->query($query))
        return true;
      else
      {
        $this->error($this->mysqli->error, __LINE__);
        return false;
      }
    }
  else
    return false;
  }
?>

[Join us @ facebook]

It looks like the function is incomplete. Please expect a new version later (I've already have a draft but needs some stuff to release)

Until then update the table with queries. Bellow is an untested updateProperty() function for the new release, but it is not working with mysqli. Maybe you can play with that:

public function updateProperty($properties) {

    if(is_array($properties) && count($properties) > 0) {

      $i=1;

      $query = "UPDATE `".$this->dbTable."` SET ";

      $c = count($properties);//a small optimization :)

      foreach($properties AS $k => $v) {

        $v = ($k == $tbFields['pass']) ? $this->encode_password($v) : $v;

        $query .= '`'.$this->escape($k)."` = '".$this->escape($v)."'".(($i++ < $c) ? ', ' : ' ');

      }

      $query .= "WHERE `".$this->tbFields['userID']."` = '".$this->userID."'";

      return mysql_query($query, $this->dbConn); 

    }

    return false;

  }
?>

In case you find any bugs, please let me know, I haven't even executed this code before

Thanks for your quick response. The code you posted does help in case I want to insert only strings in the DB but with the backticks at '".$this->escape($v)."'" I can't insert MySQL code anymore (like NOW() for example).

I think the problem is the escape method which escapes the " when I declare a string in my array ('lastVisit' => '"2009-11-29 17:53:49"')

[Join us @ facebook]

If you want this only for the NOW() function you can use the php date() function instead. I know it is better to use NOW() but it will work (at least until we find a fast way to do this with the class)

I think I stick with the auto escape function in updateProperty and use for some fields the old and ordinary query function of mysql :-)

I noticed that the query method is a private function. That results in "Fatal error: Call to private method flexibleAccess::query() from context" when I try to update.

Code:

$user->query("UPDATE `{$user->dbTable}` SET `lastVisit` = `2008-09-09 18:18:00`, `lastLogin` = NOW(), `loginCount` = loginCount+1 WHERE `{$user->tbFields['userID']}` = '{$user->userID}' LIMIT 1", __LINE__);

In example3.php you use $user->query() as well.

Code:

if ($user->query("UPDATE `{$user->dbTable}` SET `{$user->tbFields['active']}` = 1 WHERE `activationHash` = '$hash' LIMIT 1", __LINE__))

Can you help?

[Join us @ facebook]

Yeah, it should be a public function. Just replace "private" with "public" and it will work. This wont affect anything else

Ok, that's cool :-) Now it works. I had to change {$user->dbTable} and {$user->tbFields['userID']} 'cause they were private as well. I set them directly into my script instead of setting them public. I am not much familiar with OO but I think it is not a bad idea to make theses vars private :-)

[Join us @ facebook]

I guess after the first php5 release we will have to check several things regarding the future development

[Guest]

[62.885]

Googlebot