1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 8:28 pm May 1, 2026

Forum Moderators: coopster

Message Too Old, No Replies

Help with autoupdate

Autoupdate PHP script

         

country

5:54 pm on Mar 4, 2008 (gmt 0)

10+ Year Member



I am new to this forum and PHP/MySQL and am learning.

I have a problem that I can't figure out. This is for an autoupdate script and I cannot get it to work.

Here is the code:

<?
require_once (#*$!);

// File can be anywhere on the Internet
$FeedFile = 'C:\wamp\www\test\example.txt';

mysql_query("drop table vendor_temp");
mysql_query("CREATE TABLE vendor_temp (
ProductName blob NOT NULL,
LDescription blob NOT NULL,
SDescription blob NOT NULL,
Sku varchar(50) NOT NULL default '',
PRIMARY KEY (sku),
Brand varchar(50) NOT NULL default '',
SalePrice varchar(7) NOT NULL default '0.00',
Keywords blob NOT NULL default,
RetailPrice varchar(7) NOT NULL default '0.00',
BuyLinkURL blob NOT NULL,
TrackingURL blob NOT NULL,
ImageURL blob NOT NULL,
ThumbURL blob NOT NULL,
Category varchar(100) NOT NULL default '',
SCategory varchar (100) NOT NULL default'',
ProdGroup varchar (100) NOT NULL default '',)") or die(mysql_error());

$feed = fopen($FeedFile, 'r');

$rowNum = 0;
$recCount = 0;

while($data = fgetcsv($feed, 3000, "\t")){
if($rowNum > 0){

$iProductName = addslashes($data[2]);
$iLDescription = addslashes($data[4]);
$iSDescription = addslashes($data[5]);
$iSku = addslashes($data[1]);
$iBrand = addslashes($data[2]);
$iSalePrice = addslashes($data[14]);
$iKeywords = addslashes($data[12]);
$iRetailPrice = addslashes($data[13]);
$iBuyLinkURL = addslashes($data[11]);
$iTrackingURL = addslashes($data[15]);
$iImageURL = addslashes($data[10]);
$iThumbURL = addslashes($data[9]);
$iCategory = addslashes($data[6]);
$iSCategory = addslashes($data[7]);
$iProdGroup = addslashes($data[8]);

$sql = mysql_query("insert into vendor_temp (ProdName, LDescription, SDescription, Sku, Brand, SalePrice, Keywords, RetailPrice, BuyLinkURL, TrackingURL, ImageURL, ThumbURL, Category, SCategory, ProdGroup)
values
('$iProdName', '$iLDescription', '$iSDescription', '$iSku', '$iBrand', '$iSalePrice', '$iKeywords', '$iRetailPrice', '$iBuyLinkURL', '$iTrackingURL', '$iImageURL', '$iThumbURL', '$iCategory', '$iSCategory', '$iProdGroup')") or die(mysql_error());
$recCount++;
}

mysql_query("drop table vendor");
mysql_query("ALTER TABLE vendor_temp RENAME vendor") or die(mysql_error());

$to = "<email>";
$subj = "Vendor Database Table Update Report";
$mssg = "This is an automated email. The Vendor Table update has
completed successfully.\n\nThe total number or items loaded was
$recCount.\n\n";
$hdrs = "From: $to\n";
mail($to, $subj, $mssg, $hdrs);
gzclose ($FeedFile);
echo "Avantlink Vendor Import Completed Successfully";}
?>

Here is what I get in return:

0){ $iProductName = addslashes($data[2]); $iLDescription = addslashes($data[4]); $iSDescription = addslashes($data[5]); $iSku = addslashes($data[1]); $iBrand = addslashes($data[2]); $iSalePrice = addslashes($data[14]); $iKeywords = addslashes($data[12]); $iRetailPrice = addslashes($data[13]); $iBuyLinkURL = addslashes($data[11]); $iTrackingURL = addslashes($data[15]); $iImageURL = addslashes($data[10]); $iThumbURL = addslashes($data[9]); $iCategory = addslashes($data[6]); $iSCategory = addslashes($data[7]); $iProdGroup = addslashes($data[8]); $sql = mysql_query("insert into vendor_temp (ProdName, LDescription, SDescription, Sku, Brand, SalePrice, Keywords, RetailPrice, BuyLinkURL, TrackingURL, ImageURL, ThumbURL, Category, SCategory, ProdGroup) values ('$iProdName', '$iLDescription', '$iSDescription', '$iSku', '$iBrand', '$iSalePrice', '$iKeywords', '$iRetailPrice', '$iBuyLinkURL', '$iTrackingURL', '$iImageURL', '$iThumbURL', '$iCategory', '$iSCategory', '$iProdGroup')") or die(mysql_error()); $recCount++; } mysql_query("drop table vendor"); mysql_query("ALTER TABLE vendor_temp RENAME vendor") or die(mysql_error()); $to = ""; $subj = "Vendor Database Table Update Report"; $mssg = "This is an automated email. The vendor Table update has completed successfully.\n\nThe total number or items loaded was $recCount.\n\n"; $hdrs = "From: $to\n"; mail($to, $subj, $mssg, $hdrs); gzclose ($FeedFile); echo "Avantlink Vendor Import Completed Successfully"; ?>

Some of the information has been changed to protect my source and login.

My understanding is this means an open tag, I think it may be at "while($data = fgetcsv($feed, 3000, "\t")){
if($rowNum > 0){"
but where do I close it?

Any thoughts would very much appreciated.

AL

P.S. Also ran it through Syntax checker and it showed no problem.
Reply With Quote

PHP_Chimp

8:52 pm on Mar 4, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The while loop is closed on the last line of your code, as that is the other }.

You need to look at mysql_real_escape_string [uk3.php.net] or the mysqli [uk3.php.net] version, as addslashes are not making that data safe.
If you have php5 then use the mysqli version as this is encoding safe, the mysql_ version is not encoding safe, although the database may well save you if that has been updated.

You can use array_walk [uk3.php.net] to get everything through mysql_real_escape_string. 


while($data = fgetcsv($feed, 3000, "\t")){
array_walk($data, 'mysql_real_escape_string'); // mysqli_real_escape_string on PHP5
if($rowNum > 0){
$iProductName = $data[2];
$iLDescription = $data[4];
$iSDescription = $data[5];
$iSku = $data[1];
$iBrand = $iProductName; // $data[2];
$iSalePrice = $data[14]; 
// ..

Unfortunately I cant take credit the genius of array_walk, its one of the mods...cant remember who (sorry) but it does save a lot of work :)

You may also want to look at the $sql statement, as your variables are in ', so they will not get the values in there. If you want the values then use ".

When you say this is what you get in return what do you mean? (its late and your code is long, so I may be missing something in there)
As there is no echo statement in your code. I would suggest adding an echo so you can see the result of each query. 


$sql = mysql_query("insert into vendor_temp (ProdName, LDescription, SDescription, Sku, Brand, SalePrice, Keywords, RetailPrice, BuyLinkURL, TrackingURL, ImageURL, ThumbURL, Category, SCategory, ProdGroup)
values
('$iProdName', '$iLDescription', '$iSDescription', '$iSku', '$iBrand', '$iSalePrice', '$iKeywords', '$iRetailPrice', '$iBuyLinkURL', '$iTrackingURL', '$iImageURL', '$iThumbURL', '$iCategory', '$iSCategory', '$iProdGroup')") or die(mysql_error());
$recCount++;
[b]echo $sql;[/b] // for TESTING only, comment out for live use
}

As then each time the for loop completes you will get to see the actual sql query used. This is obviously only for testing, as you dont want people to see that for production. But this will help during testing.

Also use [code] blocks around your code to make it a little smaller, then people dont have to scroll for half an hour to get to the bottom ;)

Welcome to WebMaster world.

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 8:28 pm May 1, 2026