- <?php
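/**
 * Singleton wrapper around a PDO connection to MySQL.
 *
 * Every value handed to insert(), update() or the $params argument of
 * setQuery()/runFastQuery() is sent to the server as a bound parameter.
 * Table and column names cannot be bound, so they are validated and
 * back-tick quoted by _quoteIdentifier() instead.
 *
 * What is still raw SQL: the query text given to setQuery()/runFastQuery()
 * and the $where fragment given to update(). Never concatenate request data
 * into either; put a `?` placeholder there and pass the value separately.
 *
 * Any failure is routed to _reportError(), which prints a message and ends
 * the script.
 */
class MySqlDatabase
{
    // The PDO handle; public so existing callers can reach it directly.
    public $link;
    private $where = '';
    private $order = '';
    private $limit = '';
    private $sql = '';
    // Values bound to the placeholders of $sql on the next execution.
    private $params = array();
    private $totalRecs = 0;
    private $insertID = 0;
    private $affectedRecs = 0;
    private static $instance;

    const MYSQL_DATE_FORMAT = 'Y-m-d';
    const MYSQL_TIME_FORMAT = 'H:i:s';
    const MYSQL_DATETIME_FORMAT = 'Y-m-d H:i:s';
    const INSERT_GET_AUTO_INCREMENT_ID = 1;
    const INSERT_GET_AFFECTED_ROWS = 2;

    /**
     * Private: instances are obtained through getInstance().
     */
    private function __construct()
    {
    }

    /**
     * Opens the connection and switches PDO to exception mode.
     *
     * @param string $host
     * @param string $user
     * @param string $password
     * @param string $database
     * @return PDO the connection handle (also stored in $this->link)
     */
    public function connect($host, $user, $password, $database)
    {
        try {
            $driver_options = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8');
            $dsn = sprintf('mysql:host=%s;dbname=%s', $host, $database);
            $this->link = new PDO($dsn, $user, $password, $driver_options);
            $this->link->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        } catch (PDOException $e) {
            $this->_reportError($e);
        }

        return $this->link;
    }

    /**
     * Returns the shared instance, creating it on first use.
     *
     * @return MySqlDatabase
     */
    public static function getInstance()
    {
        if (!isset(self::$instance)) {
            self::$instance = new MySqlDatabase();
        }

        return self::$instance;
    }

    /**
     * @return bool true once a connection handle has been stored
     */
    public function isConnected()
    {
        return $this->link !== null;
    }

    /**
     * Runs the current query and returns its first row as an object.
     *
     * @return object|false the row, or false when the query matched nothing
     */
    public function getResult()
    {
        try {
            $stmt = $this->_execute(__METHOD__);
            $aRet = $stmt->fetch(PDO::FETCH_OBJ); // $aRet->NAME;
            // fetch() yields one row or false; count() on either is a TypeError on PHP 8.
            $this->totalRecs = ($aRet === false) ? 0 : 1;

            return $aRet;
        } catch (PDOException $e) {
            $this->_reportError($e);
        }
    }

    /**
     * Runs the current query and returns its first row as an associative array.
     *
     * @return array|false the row, or false when the query matched nothing
     */
    public function getAssoc()
    {
        try {
            $stmt = $this->_execute(__METHOD__);
            $aRet = $stmt->fetch(PDO::FETCH_ASSOC); // $aRet['NAME'];
            // Count rows, not columns: fetch() returns a single row or false.
            $this->totalRecs = ($aRet === false) ? 0 : 1;

            return $aRet;
        } catch (PDOException $e) {
            $this->_reportError($e);
        }
    }

    /**
     * Runs the current query and returns one column of its first row.
     *
     * @param int $count zero-based column index
     * @return mixed the column value, or false when there is no row
     */
    public function getColumn($count = 0)
    {
        try {
            $stmt = $this->_execute(__METHOD__);

            return $count === 0 ? $stmt->fetchColumn() : $stmt->fetchColumn($count);
        } catch (PDOException $e) {
            $this->_reportError($e);
        }
    }

    /**
     * Stores the query to run next.
     *
     * @param string $query  SQL text; use placeholders for every external value
     * @param array  $params values for those placeholders (optional)
     */
    public function setQuery($query, $params = array())
    {
        $this->sql = $query;
        $this->params = is_array($params) ? $params : array();
    }

    /**
     * Executes the current query without fetching anything.
     */
    public function runQuery()
    {
        try {
            $this->_execute(__METHOD__);
        } catch (PDOException $e) {
            $this->_reportError($e);
        }
    }

    /**
     * Shorthand for setQuery() followed by runQuery().
     *
     * @param string $query  SQL text; use placeholders for every external value
     * @param array  $params values for those placeholders (optional)
     */
    public function runFastQuery($query, $params = array())
    {
        $this->setQuery($query, $params);
        $this->runQuery();
    }

    /**
     * Inserts one row.
     *
     * @param string $table     table name (validated and quoted, never bound)
     * @param array  $fieldList column name => value; values are bound
     * @return string the id reported by PDO::lastInsertId()
     */
    public function insert($table, $fieldList)
    {
        try {
            if (!is_string($table)) {
                $exMsg = sprintf('Geen tabelnaam in %s. (param=%s:"%s")', __METHOD__, gettype($table), $this->_scalarToString($table));
                throw new PDOException($exMsg);
            }
            if (!is_array($fieldList)) {
                $exMsg = sprintf('Geen fieldlist in %s. (param=%s:"%s")', __METHOD__, gettype($fieldList), $this->_scalarToString($fieldList));
                throw new PDOException($exMsg);
            }

            $columns = array();
            foreach (array_keys($fieldList) as $column) {
                $columns[] = $this->_quoteIdentifier($column);
            }
            $placeholders = array_fill(0, count($columns), '?');

            // The original read an undefined $aFieldList here, so it produced
            // "VALUES (:)" and bound nothing.
            $this->sql = sprintf(
                'INSERT INTO %s (%s) VALUES (%s)',
                $this->_quoteIdentifier($table),
                implode(',', $columns),
                implode(',', $placeholders)
            );
            $this->params = array_values($fieldList);
            $this->_execute(__METHOD__);
            $this->insertID = $this->link->lastInsertId();

            return $this->insertID;
        } catch (PDOException $e) {
            $this->_reportError($e);
        }
    }

    /**
     * Updates the rows matched by $where.
     *
     * Field values are bound instead of being pasted between quotes, so a
     * value containing a quote can no longer change the statement. One
     * visible consequence: a null value now stores NULL, not ''.
     *
     * @param string $table       table name (validated and quoted, never bound)
     * @param array  $fieldList   column name => new value; must not be empty
     * @param string $where       raw SQL condition ('' for none); trusted text
     *                            only, with `?` wherever a value is needed
     * @param array  $whereParams values for the `?` placeholders in $where
     * @return int number of affected rows
     */
    public function update($table, $fieldList, $where, $whereParams = array())
    {
        try {
            if (!is_string($table)) {
                $exMsg = sprintf('The param: table in %s isn\'t a valid string. (param=%s:"%s")', __METHOD__, gettype($table), $this->_scalarToString($table));
                $this->_reportError($exMsg);
                return;
            }
            if (!is_array($fieldList) || count($fieldList) === 0) {
                $exMsg = sprintf('The param: fieldList in %s isn\'t a non-empty array. (param=%s:"%s")', __METHOD__, gettype($fieldList), $this->_scalarToString($fieldList));
                $this->_reportError($exMsg);
                return;
            }
            if (!is_string($where)) {
                $exMsg = sprintf('The param: where in %s isn\'t a valid string. (param=%s:"%s")', __METHOD__, gettype($where), $this->_scalarToString($where));
                $this->_reportError($exMsg);
                return;
            }

            $assignments = array();
            foreach (array_keys($fieldList) as $column) {
                $assignments[] = $this->_quoteIdentifier($column) . '=?';
            }

            $this->where = $where;
            $this->sql = sprintf('UPDATE %s SET %s', $this->_quoteIdentifier($table), implode(', ', $assignments));
            $this->_sqlWhere();
            $this->_sqlClose();

            // SET values come first in the statement, then the WHERE values.
            $this->params = array_merge(
                array_values($fieldList),
                is_array($whereParams) ? array_values($whereParams) : array()
            );

            $stmt = $this->_execute(__METHOD__);
            $this->affectedRecs = $stmt->rowCount();

            return $this->affectedRecs;
        } catch (PDOException $e) {
            $this->_reportError($e);
        }
    }

    /**
     * Prepares and executes $this->sql with $this->params.
     *
     * @param string $caller name of the public method, used in error text
     * @return PDOStatement the executed statement
     */
    private function _execute($caller)
    {
        if ($this->link === null) {
            $this->_reportError(sprintf('No database connection in %s; call connect() first.', $caller));
        }
        if (!is_string($this->sql) || $this->sql === '') {
            $exMsg = sprintf('No MySQL query set %s. (param=%s:"%s")', $caller, gettype($this->sql), $this->_scalarToString($this->sql));
            $this->_reportError($exMsg);
        }

        $stmt = $this->link->prepare($this->sql);
        if ($this->params) {
            $stmt->execute($this->params);
        } else {
            $stmt->execute();
        }

        return $stmt;
    }

    /**
     * Validates a table or column name and returns it back-tick quoted.
     *
     * Accepts `name` or `schema.name`, each part optionally already quoted,
     * made of ASCII letters, digits, underscore or dollar sign.
     *
     * @param string $name
     * @return string
     * @throws PDOException when a part contains any other character
     */
    private function _quoteIdentifier($name)
    {
        $quoted = array();
        foreach (explode('.', (string) $name) as $part) {
            $part = trim($part);
            if (strlen($part) > 1 && $part[0] === '`' && substr($part, -1) === '`') {
                $part = substr($part, 1, -1);
            }
            if (!preg_match('/^[A-Za-z0-9_$]+\z/', $part)) {
                throw new PDOException(sprintf('Invalid SQL identifier "%s".', $this->_scalarToString($name)));
            }
            $quoted[] = '`' . $part . '`';
        }

        return implode('.', $quoted);
    }

    /**
     * Renders a value for an error message without tripping over arrays or
     * objects, which sprintf('%s') cannot convert.
     *
     * @param mixed $value
     * @return string
     */
    private function _scalarToString($value)
    {
        return is_scalar($value) ? (string) $value : '';
    }

    /**
     * Appends the stored WHERE fragment, if any.
     */
    private function _sqlWhere()
    {
        $this->sql .= ($this->where ? ' WHERE ' . $this->where : '');
    }

    /**
     * Appends the stored ORDER BY fragment, if any.
     */
    private function _sqlOrder()
    {
        $this->sql .= ($this->order ? ' ORDER BY ' . $this->order : '');
    }

    /**
     * Appends the stored LIMIT fragment, if any.
     */
    private function _sqlLimit()
    {
        $this->sql .= ($this->limit ? ' LIMIT ' . $this->limit : '');
    }

    /**
     * Terminates the statement with a semicolon unless it already has one.
     */
    private function _sqlClose()
    {
        $s = ';';
        if (substr($this->sql, -1) !== $s) {
            $this->sql .= $s;
        }
    }

    /**
     * Trims the statement and drops one trailing comma.
     */
    private function _sqlTrim()
    {
        $this->sql = trim($this->sql);
        $s = ',';
        if (substr($this->sql, -1) === $s) {
            $this->sql = substr($this->sql, 0, strlen($this->sql) - 1);
        }
    }

    /**
     * Prints the error inside an HTML box and terminates the script.
     *
     * Every dynamic part is HTML-escaped: driver messages can quote pieces of
     * the failing statement, and those pieces may have come from a request.
     *
     * NOTE(review): the page still shows file paths and driver messages to
     * whoever triggered the error. For a public site, log these details and
     * show a generic message instead.
     *
     * @param Exception|string $e
     */
    private function _reportError($e)
    {
        if ($e instanceof Exception) {
            $sMsg = sprintf(
                'Line: <b>%s</b><br />File: <b>%s</b><br />Error: <b>%s</b>',
                $this->_escapeHtml($e->getLine()),
                $this->_escapeHtml($e->getFile()),
                $this->_escapeHtml($e->getMessage())
            );
        } elseif (is_string($e)) {
            $sMsg = $this->_escapeHtml($e);
        } else {
            // The original left $sMsg undefined on this path.
            $sMsg = 'Unknown database error.';
        }

        echo sprintf('<br /><br /><br /><div style="width:50%%;padding:15px;background-color:#FFFF66;border:2px solid red;">%s</div><br /><br />', $sMsg);
        die();
    }

    /**
     * Escapes a value for use in HTML text.
     *
     * @param mixed $value
     * @return string
     */
    private function _escapeHtml($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}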
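- /* Usage:
-    NOTE: the login example below builds its SQL by concatenating request values
-    into the query string, so it is only as injection-safe as
-    $core->filterInputString(), which is not part of this file. A query that sends
-    those values through PDO placeholders does not depend on that filter.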
- require_once("includes/class.database.php");
- $db = MySqlDatabase::getInstance();
- try
- {
- $db->connect($config["mysql_host"], $config["mysql_user"], $config["mysql_pass"], $config["mysql_base"]);
- if (!$db->isConnected())
- {
- die("Something went wrong while connecting with the database!");
- }
- }
- catch (Exception $e)
- {
- die($e->getMessage());
- }
- if (isset($_POST['sessionHash']) && $_POST['sessionHash'] === $_SESSION['sessionHash'])
- {
- $loginErrors = Array();
- $username = $core->filterInputString($_POST['username']);
- $password = $core->filterInputString($_POST['password']);
- $hashed_password = $core->generateSecretHash($password);
- if (isset($username) && isset($password))
- {
- if (empty($username) || empty($password))
- {
- $loginErrors[] = "Please enter your username/password to log in.";
- }
- else
- {
- $db->setQuery("SELECT id FROM users WHERE username = '" . $username . "' AND password = '" . $hashed_password . "' LIMIT 1");
- $check = strlen($db->getColumn());
- if ($check < 1)
- {
- $loginErrors[] = "The username/password combination you have supplied is incorrect!";
- }
- if (count($loginErrors) <= 0)
- {
- $last_activity = date("F j, Y g:i:s A");
- $db->setQuery("SELECT id FROM users WHERE username = '" . $username . "' LIMIT 1");
- $userID = $db->getColumn();
- $db->runFastQuery("UPDATE users SET last_login = '" . $last_activity . "' WHERE id = '" . $userID . "' LIMIT 1");
- $_SESSION["userID"] = $userID;
- header("Location: ". WWW ."/index.php?page=me");
- exit();
- //to-do: Ban checking, but i cba to code that at the moment..
- }
- }
- $errResult = '<div id="login-error-field-wrapper">';
- $errResult .= '<div id="login-error-field">';
- foreach ($loginErrors as $err)
- {
- $errResult .= '<p>' . $err . '</p>';
- }
- $errResult .= '</div></div>';
- }
- }
- */
- ?>