Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- //prevent injection
- function qry($query) {
- // Connect to database
- $this->dbconnect();
- // get function arguments.
- $args = func_get_args();
- // Get first argument.
- $query = array_shift($args);
- $query = str_replace("?", "%s", $query);
- $args = array_map('mysql_real_escape_string', $args);
- array_unshift($args,$query);
- $query = call_user_func_array('sprintf',$args);
- $result = mysql_query($query) or die(mysql_error());
- if($result){
- return $result;
- }else{
- $error = "Error";
- return $result;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement