Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if (!defined('VALID_ACCESS')) {
- echo -8;
- die('You don\'t belong here!');
- }
- // Gets called from the form handling code
- // $rows is an array containing form data for each new row in the table
- // $len is the length of the array
- function insertRows($rows, $len) {
- $query = prepareQuery($rows, $len);
- $con = new db('localhost', 'root', 'shibboleet', 'test');
- if (mysqli_connect_errno()) {
- echo -4;
- die('Couldn\'t connect to database! ' . mysqli_connect_error());
- }
- else {
- if (!($stmt = $con->prepare($query))) {
- echo -5;
- die('Couldn\'t connect to database! ' . $con->error);
- }
- bindParams($rows, $len, $stmt);
- if ($stmt->execute()) {
- echo 0;
- }
- else {
- echo -9;
- die('Error: ' . $stmt->error . '<br/>');
- }
- $stmt->close();
- }
- $con->close();
- }
- // This function prepares the format of the prepared statement by figuring out
- // how many rows are to be inserted and how many columns will each row contain.
- // Then it just appends the required number of '?' and wraps them in '()'.
- // $sepr = ','
- // $typeMap contains descriptors for each column of data - 's' or 'i'
- // $colMap contains the column names
- function prepareQuery($rows, $len) {
- global $base, $sepr, $typeMap, $colMap;
- $str = $base . '(' . implode($sepr, $colMap) . ') VALUES ';
- $entries = 0;
- for ($i = 0; $i < $len; $i++) {
- $toAppend = true;
- $query = '(';
- $tycnt = count($typeMap) - 1;
- $ncols = substr_count($rows[$i], $sepr);
- if ($ncols == $tycnt) {
- for ($j = 0; $j < $ncols; $j++) {
- $query .= '?,';
- }
- $query .= '?';
- }
- else {
- $toAppend = false;
- }
- $query .= ')';
- if ($i < ($len-1)) {
- $query .= ',';
- }
- if ($toAppend) {
- $str .= $query;
- $entries++;
- }
- }
- $str .= ';';
- if ($entries == 0) {
- echo -7;
- die('No valid entries provided!');
- }
- echo $str . '<br/>';
- return $str;
- }
- // This binds the form data to the prepared statement. The form data is in the format
- // <row1_col1>,<row1_col2>,....,<row1_coln>;<row2_col1>,<row2_col2>,...,<row2_coln>;....
- // where each <rowi_coli> is base64 encoded.
- function bindParams($rows, $len, $stmt) {
- global $sepr, $typeMap;
- for ($i = 0; $i < $len; $i++) {
- $tycnt = count($typeMap);
- $cols = explode($sepr, $rows[$i]);
- if (count($cols) == $tycnt) {
- for ($j =0; $j < $tycnt; $j++) {
- $prm = base64_decode($cols[$j]);
- if ($prm == '') {
- $prm = NULL;
- }
- $cols[$j] = $prm;
- $stmt->mbind_param($typeMap[$j], $cols[$j]);
- }
- }
- }
- }
- class db extends mysqli {
- public function prepare($query) {
- return new stmt($this,$query);
- }
- }
- class stmt extends mysqli_stmt {
- public function __construct($link, $query) {
- $this->mbind_reset();
- parent::__construct($link, $query);
- }
- public function mbind_reset() {
- unset($this->mbind_params);
- unset($this->mbind_types);
- $this->mbind_params = array();
- $this->mbind_types = array('');
- }
- public function mbind_param($type, &$param) {
- $this->mbind_types[0].= $type;
- $this->mbind_params[] = &$param;
- }
- public function mbind_param_do() {
- $params = array_merge($this->mbind_types, $this->mbind_params);
- return call_user_func_array(array($this, 'bind_param'),
- $this->makeValuesReferenced($params));
- }
- private function makeValuesReferenced($arr){
- $refs = array();
- foreach($arr as $key => $value) {
- $refs[$key] = &$arr[$key];
- }
- return $refs;
- }
- public function execute() {
- if(count($this->mbind_params)) {
- if (!$this->mbind_param_do()) {
- echo -11;
- die('Error binding parameters! ' . $this->error . '<br/>');
- }
- }
- return parent::execute();
- }
- private $mbind_types = array('');
- private $mbind_params = array();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
