litesql.class.php

1. <?php
2.  
3. /** A class for handling SQL */
4. class LiteSQL {
5.    
6.     private $prepared_statements = array();
7.     private $sql = null;
8.    
9.     /** Initializes the SQL Connection */
10.     public function __construct(){
11.        if(!$this->OpenSQL()){
12.             exit();
13.        }
14.     }
15.    
16.     /** Closes the SQL connection and destroys the object */
17.     public function __destruct(){
18.         $this->CloseSQL();
19.     }
20.    
21.     /**
22.      * Escapes a string for sql injection
23.      * @param String $str
24.      */
25.     public function escapeString($str){
26.         return $this->sql->real_escape_string(strip_tags($str));
27.     }
28.    
29.     /**
30.      * Executes prepared statement
31.      * @param String $prepareTitle The prepared statement to execute
32.      * @param Boolean $return If set to true, will return a ResultSet
33.      * @return Object The value of the execution
34.      */
35.      
36.     public function executePreparedStatement($prepareTitle, $return = false, $binds = array()){
37.         $result = null;
38.         if(sizeof($binds) > 0){
39.             $tmp = array();
40.             foreach($binds as $key => $value) $tmp[$key] = &$binds[$key];
41.             call_user_func_array(array($this->prepared_statements[$prepareTitle], 'bind_param'), $tmp);
42.        
43.         $ret = $this->prepared_statements[$prepareTitle]->execute();
44.         if($return){
45.             $ret = $this->prepared_statements[$prepareTitle]->get_result();
46.         }
47.        
48.         $this->removePreparedStatement($prepareTitle);
49.        
50.         return $ret;
51.     }
52.    
53.     /**
54.      * Gets a Prepared Statement based on it's title
55.      * @param String $prepareTitle The key for the statement
56.      * @return PreparedStatement The Prepared Statement
57.      */
58.     public function retrievePreparedStatement($prepareTitle){
59.         return $this->prepared_statements[$prepareTitle];
60.     }
61.    
62.     /**
63.      * Create new prepared statement in the system
64.      * @param String $prepareTitle The title for the statement
65.      * @param String $prepareBody The prepared statement
66.      * @return String|Object Thre prepareTitle passed
67.      */
68.     public function prepareStatement($prepareTitle, $prepareBody){
69.         $this->prepared_statements[$prepareTitle] = $this->sql->prepare($prepareBody);
70.         return $prepareTitle;
71.     }
72.    
73.     /**
74.      * Removes a Prepared Statement from the system
75.      * @param String $prepareTitle The key for the statement
76.      */
77.     public function removePreparedStatement($prepareTitle){
78.         $this->prepared_statements[$prepareTitle]->close();
79.         unset($this->prepared_statements[$prepareTitle]);
80.     }
81.    
82.     /**
83.      * Executes a query in sql
84.      * Note: Make sure you use ThrowLite::escapeString on all user values
85.      * @param String $query
86.      * @param Boolean $return If set to true, will return a ResultSet
87.      */
88.     public function executeSql($query, $return = false, $binds = array()){
89.         $id = $this->prepareStatement(sizeof($this->prepared_statements), $query);
90.         $ret = $this->executePreparedStatement($id, $return, $binds);
91.         if($this->sql->errno){
92.             echo new UserSystemException("Error while executing SQL", $this->sql->error);
93.             exit;
94.         }
95.         return $ret;
96.     }
97.    
98.     /**
99.      * Creates the default tables in the databases
100.      * @return Boolean true if completed otherwise false
101.      */
102.     public function CreateDefaultTables(){
103.         return (
104.             $this->executeSql(SQL_CreateTable_USERS)
105.             && $this->executeSql(SQL_CreateTable_MAIL)
106.             && $this->executeSql(SQL_CreateTable_NEWS)
107.             && $this->executeSql(SQL_CreateTable_LOGS)
108.             && $this->executeSql(SQL_CreateTable_IMAGES)
109.             && $this->executeSql(SQL_CreateTable_COMMENTS)
110.             && $this->executeSql(SQL_CreateTable_COMMENTTHREADS)
111.         );
112.     }
113.    
114.     /**
115.      * Closes current SQL connection
116.      */
117.     public function CloseSQL(){
118.         if($this->sql != null) { $this->sql->close(); $this->sql = null; }
119.     }
120.    
121.     /**
122.      * Open SQL connection
123.      */
124.     public function OpenSQL(){
125.         $this->CloseSQL();
126.         $this->sql = @new mysqli(SQL_SERVER, SQL_USERNAME, SQL_PASSWORD, SQL_DATABASE, SQL_PORT);
127.         if($this->sql->connect_errno){
128.             echo new TLSQLException("Error while connecting to MySql", "MYSQL ERROR: There was an error while trying to connect to sql server ".SQL_USERNAME."@".SQL_SERVER." using password '".((SQL_PASSWORD != "") ? "[YES]" : "[NO]")."'<br /><br />".mysqli_connect_error());
129.             return false;
130.         }
131.    
132.         return true;
133.     }
134.    
135.     /**
136.      * Returns the auto generated id used in the last query
137.      * @return The last ID inserted using auto increment column
138.      */
139.     public function GetLastInsertID(){
140.         return $this->sql->insert_id;
141.     }
142.    
143.     /**
144.      * Gets the current SQLI Object
145.      * @return mysqli The Current SQL Object
146.      */
147.     public function GetSQL(){
148.         return $this->sql;
149.     }
150.    
151.    
152.    
153. }
154.  
155.  
156. ?>