- <?php
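/**
 * Thin wrapper around a mysqli connection with printf-style placeholders.
 *
 * query() takes a SQL template with %i (integer) and %s (any other value)
 * markers and splices the values in itself. Integers are inserted as digits;
 * everything else is inserted as UNHEX('<hex of the value>'), so no byte of a
 * supplied value reaches the SQL text unencoded.
 *
 * NOTE(review): this is a hand-rolled stand-in for prepared statements.
 * - The first '%' found in the template is always treated as the next
 *   placeholder, so a template with a literal '%' (for example a LIKE
 *   pattern) cannot be combined with parameters reliably.
 * - MySQL documents UNHEX() as returning a binary string; comparisons against
 *   text columns may therefore be byte-wise. Confirm this is acceptable.
 * - The template itself is never escaped: it must be a constant written by
 *   the developer, never assembled from request data.
 * For new code prefer mysqli::prepare() with bind_param().
 */
class DatabaseConnection
{
    /** @var mixed Values passed to the most recent query() call. */
    private $data;

    /** @var string SQL of the most recent query() call, after substitution. */
    private $sql;

    /** @var mysqli Underlying connection. */
    private $conn;

    /** @var string */
    private $host;

    /** @var string */
    private $user;

    /** @var null Intentionally left unset: the password is not kept on the object. */
    private $pass;

    /** @var string */
    private $dtbs;

    /**
     * Result of the most recent query() call. The original code created this
     * as a dynamic (and therefore public) property; it is declared here so it
     * no longer relies on dynamic property creation.
     *
     * @var mixed
     */
    public $query;

    /**
     * Opens the connection.
     *
     * A constructor's return value is discarded by `new`, and a mysqli object
     * is always truthy, so a failed connection has to be detected through
     * connect_errno and reported with an exception.
     *
     * @param string $host
     * @param string $user
     * @param string $pass
     * @param string $dtbs Database name.
     *
     * @throws RuntimeException When the connection cannot be established.
     */
    public function __construct(
        $host,
        $user,
        // Keeps the password out of stack traces on PHP 8.2+; older versions
        // read the next line as a comment.
        #[\SensitiveParameter]
        $pass,
        $dtbs
    ) {
        $this->host = $host;
        $this->user = $user;
        $this->dtbs = $dtbs;
        // The password is only needed for the connect call below, so it is
        // not stored where a var_dump() or serialized object would expose it.

        $this->conn = new mysqli($host, $user, $pass, $dtbs);

        if ($this->conn->connect_errno) {
            // Only the numeric code is reported: connect_error can contain
            // the account and host name.
            throw new RuntimeException(
                'Database connection failed (error ' . $this->conn->connect_errno . ')'
            );
        }
    }

    /**
     * Substitutes $data into the %i / %s markers of $sql and runs the result.
     *
     * @param string $sql  Developer-written template; markers must not be quoted.
     * @param array  $data One value per marker, in order.
     *
     * @return mixed Whatever mysqli::query() returns for the final SQL.
     *
     * @throws InvalidArgumentException When a marker is quoted, a value does
     *                                  not fit its marker, or there are more
     *                                  values than markers.
     */
    public function query($sql, $data)
    {
        $this->data = $data;
        $this->sql = $sql;

        foreach ($data as $val) {
            $this->rejectQuotedPlaceholders();

            $pos = strpos($this->sql, '%');
            if ($pos === false) {
                throw new InvalidArgumentException(
                    'Parameter incorrect: more values were supplied than the SQL has placeholders'
                );
            }

            $type = substr($this->sql, $pos, 2);

            if ($type === '%i') {
                // is_int() is strict: numeric strings are refused, so nothing
                // but digits (and a sign) can be written into the SQL here.
                if (!is_int($val)) {
                    throw new InvalidArgumentException(
                        "Parameter incorrect: Data is not an integer value"
                    );
                }
                $replacement = (string) $val;
            } elseif ($type === '%s') {
                if (is_int($val)) {
                    throw new InvalidArgumentException(
                        "Parameter incorrect: Data is an integer value"
                    );
                }
                if (!$this->isStringable($val)) {
                    throw new InvalidArgumentException(
                        'Parameter incorrect: Data cannot be converted to a string'
                    );
                }
                // Hex output contains neither quotes nor '%', so a value can
                // neither end the literal nor be mistaken for a later marker.
                $replacement = "UNHEX('" . bin2hex((string) $val) . "')";
            } else {
                throw new InvalidArgumentException(
                    "Parameter incorrect: Parameter %i for integer of %s for all other types of data"
                );
            }

            $this->sql = substr_replace($this->sql, $replacement, $pos, 2);
        }

        $this->query = $this->conn->query($this->sql);

        return $this->query;
    }

    /**
     * Returns the next row of a result as an associative array.
     *
     * @param mixed $query Value returned by query().
     *
     * @return array|null Null when there are no more rows or $query is not a
     *                    result object (for example after a failed query).
     */
    public function fetch($query)
    {
        return is_object($query) ? $query->fetch_assoc() : null;
    }

    /**
     * Returns the number of rows in a result.
     *
     * @param mixed $query Value returned by query().
     *
     * @return int 0 when $query is not a result object.
     */
    public function num_rows($query)
    {
        return is_object($query) ? $query->num_rows : 0;
    }

    /**
     * Refuses templates whose markers are wrapped in quotes.
     *
     * A quoted marker would turn the substituted UNHEX(...) call into literal
     * text. All four quoted forms are checked; the original tested '"%i"'
     * twice and never tested '"%s"'.
     *
     * @throws InvalidArgumentException
     */
    private function rejectQuotedPlaceholders()
    {
        foreach (array("'%i'", "'%s'", '"%i"', '"%s"') as $quoted) {
            if (strpos($this->sql, $quoted) !== false) {
                throw new InvalidArgumentException(
                    "SQL incorrect: There can't be any quotes around the parameters, because this function does that automaticly for you"
                );
            }
        }
    }

    /**
     * Tells whether a value can be cast to string for a %s marker.
     *
     * @param mixed $val
     *
     * @return bool
     */
    private function isStringable($val)
    {
        return $val === null
            || is_scalar($val)
            || (is_object($val) && method_exists($val, '__toString'));
    }
}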
- ?>
- <?php
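/**
 * Class autoloader: maps a class name to classes/<lowercased name>.class.php.
 *
 * Registered through spl_autoload_register() because a function named
 * __autoload() was deprecated in PHP 7.2 and is rejected by PHP 8.
 *
 * The class name becomes part of a file path passed to require, so only plain
 * identifier names are accepted. Anything else is ignored and the class stays
 * undefined.
 * NOTE(review): this also skips namespaced names, which the flat classes/
 * layout shown here does not appear to use. Relax the pattern if it does.
 */
spl_autoload_register(function ($class) {
    if (!preg_match('/^[A-Za-z_\x80-\xff][A-Za-z0-9_\x80-\xff]*$/', $class)) {
        return;
    }

    require 'classes/' . strtolower($class) . '.class.php';
});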
// config.php supplies the DB_HOST, DB_USER, DB_PASS and DB_DTBS constants
// used to open the connection.
require 'config.php';
$sql = new DatabaseConnection(DB_HOST, DB_USER, DB_PASS, DB_DTBS);
- ?>
- <!doctype html>
- <html>
- <head>
- <meta charset="utf-8">
- <title>OOP - Object Orientated Programming</title>
- </head>
- <body>
- <?php
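// Look up one user. The values travel separately from the SQL text and are
// substituted by DatabaseConnection::query().
$data = array(1, "Brian o'Reilly");
$query = $sql->query("SELECT * FROM users WHERE id = %i AND name = %s", $data);

// A failed query does not yield a result object; treat it as "no rows".
if (is_object($query) && $sql->num_rows($query) > 0) {
    while ($r = $sql->fetch($query)) {
        // Column values are data, not markup. Encode them for the HTML body
        // so a stored name containing tags is displayed instead of rendered.
        $name = htmlspecialchars((string) $r['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $id = htmlspecialchars((string) $r['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo '<p>User ' . $name . ' has ID ' . $id . '</p>';
    }
} else {
    echo "<p>No results</p>";
}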
- ?>
- </body>
- </html>