
Untitled

a guest
Sep 28th, 2017
  1. <?php
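  /**
   * Singleton wrapper around one PDO connection to a MySQL server.
   *
   * Queries handed to setQuery() / runFastQuery() are prepared and executed
   * exactly as given, with no bound parameters, so any untrusted value that a
   * caller concatenates into such a string reaches the server as SQL.
   * insert() and update() bind their values; table and column names cannot be
   * bound, so they are checked against an identifier pattern before they are
   * placed in the statement text. The $where argument of update() is still
   * raw SQL supplied by the caller.
   *
   * Every failure ends in _reportError(), which writes to the PHP error log,
   * prints an error box and terminates the script.
   */
  class MySqlDatabase
  {
      // PDO handle set by connect(); null until a connection has been made.
      public $link;

      // Clause fragments appended by the _sql*() helpers, and the current query text.
      private $where = '';
      private $order = '';
      private $limit = '';
      private $sql = '';

      // Bookkeeping written by the fetch / insert / update methods.
      private $totalRecs = 0;
      private $insertID = 0;
      private $affectedRecs = 0;

      private static $instance;

      const MYSQL_DATE_FORMAT = 'Y-m-d', MYSQL_TIME_FORMAT = 'H:i:s', MYSQL_DATETIME_FORMAT = 'Y-m-d H:i:s';
      const INSERT_GET_AUTO_INCREMENT_ID = 1, INSERT_GET_AFFECTED_ROWS = 2;

      // Private so the only way to obtain the object is getInstance().
      private function __construct() {}

      /**
       * Opens the connection and stores it in $link.
       *
       * @param string $host
       * @param string $user
       * @param string $password
       * @param string $database
       * @return PDO the connection handle (a failed connection ends the script in _reportError())
       */
      public function connect($host, $user, $password, $database)
      {
          try
          {
              $driver_options = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8');
              $dsn = sprintf('mysql:host=%s;dbname=%s', $host, $database);

              $this->link = new PDO($dsn, $user, $password, $driver_options);
              // Make every later PDO failure throw, so the catch blocks in this class see it.
              $this->link->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
          }
          catch (PDOException $e)
          {
              $this->_reportError($e);
          }

          return $this->link;
      }

      /**
       * Returns the shared instance, creating it on first use.
       *
       * @return MySqlDatabase
       */
      public static function getInstance()
      {
          if (!isset(self::$instance))
          {
              self::$instance = new self();
          }

          return self::$instance;
      }

      /**
       * @return bool true once $link holds a connection handle
       */
      public function isConnected()
      {
          return $this->link !== null;
      }

      /**
       * Runs the current query and returns its first row as an object.
       *
       * @return object|false the row, or false when the query produced no row
       */
      public function getResult()
      {
          try
          {
              $stmt = $this->_execute(__METHOD__);

              $aRet = $stmt->fetch(PDO::FETCH_OBJ); // $aRet->NAME;

              // fetch() yields one row or false; count() on either is a TypeError on PHP 8.
              $this->totalRecs = ($aRet === false) ? 0 : 1;

              return $aRet;
          }
          catch(PDOException $e)
          {
              $this->_reportError($e);
          }
      }

      /**
       * Runs the current query and returns its first row as an associative array.
       *
       * @return array|false the row, or false when the query produced no row
       */
      public function getAssoc()
      {
          try
          {
              $stmt = $this->_execute(__METHOD__);

              $aRet = $stmt->fetch(PDO::FETCH_ASSOC); // $aRet['NAME'];

              // One row or none: count() here would have given the column count, or failed on false.
              $this->totalRecs = ($aRet === false) ? 0 : 1;

              return $aRet;
          }
          catch(PDOException $e)
          {
              $this->_reportError($e);
          }
      }

      /**
       * Runs the current query and returns one column of its first row.
       *
       * @param int $count zero-based index of the column to return
       * @return mixed the column value, or false when there is no row
       */
      public function getColumn($count = 0)
      {
          try
          {
              $stmt = $this->_execute(__METHOD__);

              return $count === 0 ? $stmt->fetchColumn() : $stmt->fetchColumn($count);
          }
          catch(PDOException $e)
          {
              $this->_reportError($e);
          }
      }

      /**
       * Stores the SQL text that the next get*() / runQuery() call executes.
       *
       * The text is executed verbatim with no bound parameters, so it must not
       * contain untrusted values.
       *
       * @param string $query
       */
      public function setQuery($query)
      {
          $this->sql = $query;
      }

      /**
       * Executes the current query and discards any result.
       */
      public function runQuery()
      {
          try
          {
              $this->_execute(__METHOD__);
          }
          catch(PDOException $e)
          {
              $this->_reportError($e);
          }
      }

      /**
       * Shorthand for setQuery() followed by runQuery().
       *
       * @param string $query SQL text, executed verbatim (see setQuery())
       */
      public function runFastQuery($query)
      {
          $this->setQuery($query);
          $this->runQuery();
      }

      /**
       * Inserts one row, binding every value as a named parameter.
       *
       * @param string $table     table name; must be a plain or backtick-quoted identifier
       * @param array  $fieldList column name => value; names are used as placeholder
       *                          names and so may only contain letters, digits and "_"
       * @return string the value of PDO::lastInsertId() for the new row
       */
      public function insert($table, $fieldList)
      {
          try
          {
              if (!is_string($table))
              {
                  $exMsg = sprintf('Geen tabelnaam in %s. (param=%s:"%s")', __METHOD__, gettype($table), $this->_describe($table));
                  throw new PDOException($exMsg);
              }

              if (!is_array($fieldList))
              {
                  $exMsg = sprintf('Geen fieldlist in %s. (param=%s:"%s")', __METHOD__, gettype($fieldList), $this->_describe($fieldList));
                  throw new PDOException($exMsg);
              }

              if (count($fieldList) === 0)
              {
                  throw new PDOException(sprintf('Empty fieldlist in %s.', __METHOD__));
              }

              // Identifiers cannot be bound, so they are validated instead.
              if (!$this->_isIdentifier($table))
              {
                  throw new PDOException(sprintf('Invalid table name in %s.', __METHOD__));
              }

              $columns = array_keys($fieldList);

              foreach ($columns as $column)
              {
                  // \z rather than $ so a trailing newline cannot slip through.
                  if (preg_match('/\A[A-Za-z0-9_]+\z/', (string) $column) !== 1)
                  {
                      throw new PDOException(sprintf('Invalid column name in %s.', __METHOD__));
                  }
              }

              $this->sql = sprintf('INSERT INTO %s (%s) VALUES (%s)', $table, implode(',', $columns), ':' . implode(',:', $columns));

              // The original referenced an undefined $aFieldList here; the values live in $fieldList.
              $this->_execute(__METHOD__, $fieldList);

              $this->insertID = $this->link->lastInsertId();

              return $this->insertID;
          }
          catch(PDOException $e)
          {
              $this->_reportError($e);
          }
      }

      /**
       * Updates rows, binding every new value as a named parameter.
       *
       * Values must be passed raw (not pre-escaped); null is stored as SQL NULL.
       *
       * @param string $table     table name; must be a plain or backtick-quoted identifier
       * @param array  $fieldList column name => new value
       * @param string $where     raw SQL condition, appended as given; an empty
       *                          string updates every row. Must not contain untrusted input.
       * @return int number of affected rows
       */
      public function update($table, $fieldList, $where)
      {
          try
          {
              if (!is_string($table))
              {
                  $exMsg = sprintf('The param: table in %s isn\'t a valid string. (param=%s:"%s")', __METHOD__, gettype($table), $this->_describe($table));
                  $this->_reportError($exMsg);
                  return;
              }

              if (!is_array($fieldList))
              {
                  $exMsg = sprintf('The param: fieldList in %s isn\'t a valid array. (param=%s:"%s")', __METHOD__, gettype($fieldList), $this->_describe($fieldList));
                  $this->_reportError($exMsg);
                  return;
              }

              if (!is_string($where))
              {
                  $exMsg = sprintf('The param: where in %s isn\'t a valid string. (param=%s:"%s")', __METHOD__, gettype($where), $this->_describe($where));
                  $this->_reportError($exMsg);
                  return;
              }

              if (count($fieldList) === 0)
              {
                  $this->_reportError(sprintf('Empty fieldList in %s.', __METHOD__));
                  return;
              }

              if (!$this->_isIdentifier($table))
              {
                  $this->_reportError(sprintf('Invalid table name in %s.', __METHOD__));
                  return;
              }

              $assignments = array();
              $params = array();
              $index = 0;

              foreach ($fieldList as $key => $val)
              {
                  if (!$this->_isIdentifier((string) $key))
                  {
                      $this->_reportError(sprintf('Invalid column name in %s.', __METHOD__));
                      return;
                  }

                  // Generated placeholder names keep the values out of the SQL text.
                  $placeholder = ':set_' . $index++;
                  $assignments[] = $key . '=' . $placeholder;
                  $params[$placeholder] = $val;
              }

              $this->where = $where;
              $this->sql = sprintf('UPDATE %s SET %s', $table, implode(', ', $assignments));

              $this->_sqlWhere();
              $this->_sqlClose();

              $stmt = $this->_execute(__METHOD__, $params);

              $this->affectedRecs = $stmt->rowCount();

              return $this->affectedRecs;
          }
          catch(PDOException $e)
          {
              $this->_reportError($e);
          }
      }

      /**
       * Prepares and executes the current query text.
       *
       * @param string     $method name of the calling method, used in error messages
       * @param array|null $params values to bind, or null to execute without parameters
       * @return PDOStatement the executed statement
       */
      private function _execute($method, $params = null)
      {
          if (!is_string($this->sql))
          {
              $exMsg = sprintf('No MySQL query set %s. (param=%s:"%s")', $method, gettype($this->sql), $this->_describe($this->sql));
              $this->_reportError($exMsg);
          }

          // Without this guard a missing connect() surfaces as an uncaught Error on null.
          if (!is_object($this->link))
          {
              $this->_reportError(sprintf('No database connection in %s.', $method));
          }

          $stmt = $this->link->prepare($this->sql);

          if ($params === null)
          {
              $stmt->execute();
          }
          else
          {
              $stmt->execute($params);
          }

          return $stmt;
      }

      /**
       * Tells whether $name is safe to place in SQL as a table or column name:
       * a bare or backtick-quoted identifier, optionally qualified once with ".".
       *
       * @param mixed $name
       * @return bool
       */
      private function _isIdentifier($name)
      {
          $part = '(?:[A-Za-z0-9_$]+|`[^`\x00]+`)';

          return is_string($name) && preg_match('/\A' . $part . '(?:\.' . $part . ')?\z/', $name) === 1;
      }

      /**
       * Renders a value for an error message without risking a string-conversion error.
       *
       * @param mixed $value
       * @return string the value itself when scalar, otherwise its type name
       */
      private function _describe($value)
      {
          return is_scalar($value) ? (string) $value : gettype($value);
      }

      // Appends the stored WHERE condition, if any, to the query text.
      private function _sqlWhere()
      {
          $this->sql .= ($this->where ? ' WHERE ' . $this->where : '');
      }

      // Appends the stored ORDER BY expression, if any, to the query text.
      private function _sqlOrder()
      {
          $this->sql .= ($this->order ? ' ORDER BY ' . $this->order : '');
      }

      // Appends the stored LIMIT expression, if any, to the query text.
      private function _sqlLimit()
      {
          $this->sql .= ($this->limit ? ' LIMIT ' . $this->limit : '');
      }

      // Terminates the query text with ";" unless it already ends with one.
      private function _sqlClose()
      {
          $s = ';';

          if (substr($this->sql, -1) != $s)
          {
              $this->sql .= $s;
          }
      }

      // Trims the query text and drops one trailing comma.
      private function _sqlTrim()
      {
          $this->sql = trim($this->sql);
          $s = ',';

          if (substr($this->sql, -1) == $s)
          {
              $this->sql = substr($this->sql , 0 , strlen($this->sql) - 1);
          }
      }

      /**
       * Logs the failure, prints an error box and terminates the script.
       *
       * The details (file path, line, driver message, offending parameter) go
       * to the PHP error log. They are shown in the page only when
       * display_errors is enabled, and are HTML-escaped first because the
       * messages can carry caller-supplied values.
       *
       * @param Exception|string $e
       */
      private function _reportError($e)
      {
          if ($e instanceof Exception)
          {
              $logMsg = sprintf('%s in %s on line %s: %s', get_class($e), $e->getFile(), $e->getLine(), $e->getMessage());
              $sMsg = sprintf(
                  'Line: <b>%s</b><br />File: <b>%s</b><br />Error: <b>%s</b>',
                  htmlspecialchars((string) $e->getLine(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
                  htmlspecialchars($e->getFile(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
                  htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
              );
          }
          elseif (is_string($e))
          {
              $logMsg = $e;
              $sMsg = htmlspecialchars($e, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
          }
          else
          {
              // The original left $sMsg undefined on this path.
              $logMsg = 'Unknown database error.';
              $sMsg = $logMsg;
          }

          // Line breaks are flattened so one failure stays one log entry.
          error_log('MySqlDatabase: ' . str_replace(array("\r", "\n"), ' ', $logMsg));

          if (!filter_var(ini_get('display_errors'), FILTER_VALIDATE_BOOLEAN))
          {
              $sMsg = 'A database error occurred.';
          }

          echo sprintf('<br /><br /><br /><div style="width:50%%;padding:15px;background-color:#FFFF66;border:2px solid red;">%s</div><br /><br />', $sMsg);
          die();
      }
  }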
  280.  
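  281. /* Usage (note: the login example below concatenates request values into SQL strings, so it is only as safe as $core->filterInputString(), which is not shown here; bound parameters would remove that dependency):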
  282.  
  283. require_once("includes/class.database.php");
  284.  
  285. $db = MySqlDatabase::getInstance();
  286.  
  287. try
  288. {
  289.  
  290. $db->connect($config["mysql_host"], $config["mysql_user"], $config["mysql_pass"], $config["mysql_base"]);
  291.  
  292.  
  293. if (!$db->isConnected())
  294. {
  295. die("Something went wrong while connecting with the database!");
  296. }
  297. }
  298.  
  299. catch (Exception $e)
  300. {
  301.  
  302. die($e->getMessage());
  303.  
  304. }
  305.  
  306.  
  307.  
  308. if (isset($_POST['sessionHash']) && $_POST['sessionHash'] === $_SESSION['sessionHash'])
  309. {
  310. $loginErrors = Array();
  311.  
  312. $username = $core->filterInputString($_POST['username']);
  313. $password = $core->filterInputString($_POST['password']);
  314.  
  315. $hashed_password = $core->generateSecretHash($password);
  316.  
  317. if (isset($username) && isset($password))
  318. {
  319. if (empty($username) || empty($password))
  320. {
  321. $loginErrors[] = "Please enter your username/password to log in.";
  322. }
  323. else
  324. {
  325. $db->setQuery("SELECT id FROM users WHERE username = '" . $username . "' AND password = '" . $hashed_password . "' LIMIT 1");
  326. $check = strlen($db->getColumn());
  327.  
  328. if ($check < 1)
  329. {
  330. $loginErrors[] = "The username/password combination you have supplied is incorrect!";
  331. }
  332.  
  333. if (count($loginErrors) <= 0)
  334. {
  335. $last_activity = date("F j, Y g:i:s A");
  336.  
  337. $db->setQuery("SELECT id FROM users WHERE username = '" . $username . "' LIMIT 1");
  338. $userID = $db->getColumn();
  339.  
  340. $db->runFastQuery("UPDATE users SET last_login = '" . $last_activity . "' WHERE id = '" . $userID . "' LIMIT 1");
  341.  
  342. $_SESSION["userID"] = $userID;
  343.  
  344. header("Location: ". WWW ."/index.php?page=me");
  345. exit();
  346.  
  347. //to-do: Ban checking, but i cba to code that at the moment..
  348. }
  349. }
  350.  
  351. $errResult = '<div id="login-error-field-wrapper">';
  352. $errResult .= '<div id="login-error-field">';
  353.  
  354. foreach ($loginErrors as $err)
  355. {
  356.  
  357. $errResult .= '<p>' . $err . '</p>';
  358. }
  359.  
  360. $errResult .= '</div></div>';
  361. }
  362. }
  363.  
  364. */
  365. ?>