а

Problem in multi field primary key in database


#1
  1. Subject. I have a table(not the only one) where primary key consists of two columns. May be somebody have a solution, with php form connector. I managed to fix it with beforeUpdate event, running quiery in handler, but framework not making safe values, so hacker can break in, the only thing I used is addcslashes. Many libraries support placeholder for sql values , is it apply to PDO, how?

  2. While first solution is working, ugly, Im still not managed to work dataview with multicolumn primary key.

<?php
require_once('../dx/connector/form_connector.php');
require_once 'common.inc.php';

$form = new FormConnector($conn);

function my_update($data){
	global $conn,$form;
	$script=addslashes($data->get_value("script"));
	$id=(int)addslashes($data->get_value("id"));
	$description=addslashes($data->get_value("description"));
	$keywords=addslashes($data->get_value("keywords"));

	$form->sql->query("UPDATE meta SET description='{$description}', keywords='{$keywords}' where id={$id} and script='{$script}'");
	//success() marks operation as finished and stops any further action processing
	$data->success();
}
$form->event->attach("beforeUpdate","my_update");

$form->render_table("meta","script","script,id,description,keywords");

#2
  1. Another problem and workaround, dataview_connector. landing and name are primary key. So I opening different views for each id, and pass it as get parameter
  2. column “value” gives me a problem. Is it best way to define alias?
<?php
require_once('../dx/connector/dataview_connector.php');
require_once 'common.inc.php';

$data = new DataViewConnector($conn);
if ($data->is_select_mode()) {
	$id=(int)addslashes($_GET['id']);
	$data->render_sql("Select *, value as text from landing_vars where landing={$id}","name","landing,name,type,text");
} else {
	$data->render_table("landing_vars","landing","landing, name, type, value");
}