SHOW:
|
|
- or go back to the newest paste.
| 1 | <?php | |
| 2 | ||
| 3 | if (!defined('VALID_ACCESS')) {
| |
| 4 | echo -8; | |
| 5 | die('You don\'t belong here!');
| |
| 6 | } | |
| 7 | ||
| 8 | // Gets called from the form handling code | |
| 9 | // $rows is an array containing form data for each new row in the table | |
| 10 | // $len is the length of the array | |
| 11 | function insertRows($rows, $len) {
| |
| 12 | $query = prepareQuery($rows, $len); | |
| 13 | $con = new db('localhost', 'root', 'shibboleet', 'test');
| |
| 14 | if (mysqli_connect_errno()) {
| |
| 15 | echo -4; | |
| 16 | die('Couldn\'t connect to database! ' . mysqli_connect_error());
| |
| 17 | } | |
| 18 | else {
| |
| 19 | if (!($stmt = $con->prepare($query))) {
| |
| 20 | echo -5; | |
| 21 | die('Couldn\'t connect to database! ' . $con->error);
| |
| 22 | } | |
| 23 | bindParams($rows, $len, $stmt); | |
| 24 | ||
| 25 | if ($stmt->execute()) {
| |
| 26 | echo 0; | |
| 27 | } | |
| 28 | else {
| |
| 29 | echo -9; | |
| 30 | die('Error: ' . $stmt->error . '<br/>');
| |
| 31 | } | |
| 32 | $stmt->close(); | |
| 33 | } | |
| 34 | ||
| 35 | $con->close(); | |
| 36 | } | |
| 37 | ||
| 38 | // This function prepares the format of the prepared statement by figuring out | |
| 39 | // how many rows are to be inserted and how many columns will each row contain. | |
| 40 | // Then it just appends the required number of '?' and wraps them in '()'. | |
| 41 | // $sepr = ',' | |
| 42 | // $colMap contains descriptors for each column of data - 's' or 'i' | |
| 43 | // $typeMap contains the column names | |
| 44 | function prepareQuery($rows, $len) {
| |
| 45 | global $base, $sepr, $typeMap, $colMap; | |
| 46 | $str = $base . '(' . implode($sepr, $colMap) . ') VALUES ';
| |
| 47 | $entries = 0; | |
| 48 | for ($i = 0; $i < $len; $i++) {
| |
| 49 | $toAppend = true; | |
| 50 | $query = '(';
| |
| 51 | ||
| 52 | $tycnt = count($typeMap) - 1; | |
| 53 | $ncols = substr_count($rows[$i], $sepr); | |
| 54 | if ($ncols == $tycnt) {
| |
| 55 | for ($j = 0; $j < $ncols; $j++) {
| |
| 56 | $query .= '?,'; | |
| 57 | } | |
| 58 | $query .= '?'; | |
| 59 | } | |
| 60 | else {
| |
| 61 | $toAppend = false; | |
| 62 | } | |
| 63 | ||
| 64 | $query .= ')'; | |
| 65 | if ($i < ($len-1)) {
| |
| 66 | $query .= ','; | |
| 67 | } | |
| 68 | ||
| 69 | if ($toAppend) {
| |
| 70 | $str .= $query; | |
| 71 | $entries++; | |
| 72 | } | |
| 73 | } | |
| 74 | $str .= ';'; | |
| 75 | ||
| 76 | if ($entries == 0) {
| |
| 77 | echo -7; | |
| 78 | die('No valid entries provided!');
| |
| 79 | } | |
| 80 | ||
| 81 | echo $str . '<br/>'; | |
| 82 | return $str; | |
| 83 | } | |
| 84 | ||
| 85 | // This binds the form data to the prepared statement. The form data is in the format | |
| 86 | // <row1_col1>,<row1_col2>,....,<row1_coln>;<row2_col1>,<row2_col2>,...,<row2_coln>;.... | |
| 87 | // where each <rowi_coli> is base64 encoded. | |
| 88 | function bindParams($rows, $len, $stmt) {
| |
| 89 | global $sepr, $typeMap; | |
| 90 | for ($i = 0; $i < $len; $i++) {
| |
| 91 | $tycnt = count($typeMap); | |
| 92 | $cols = explode($sepr, $rows[$i]); | |
| 93 | ||
| 94 | if (count($cols) == $tycnt) {
| |
| 95 | for ($j =0; $j < $tycnt; $j++) {
| |
| 96 | $prm = base64_decode($cols[$j]); | |
| 97 | if ($prm == '') {
| |
| 98 | $prm = NULL; | |
| 99 | } | |
| 100 | $cols[$j] = $prm; | |
| 101 | $stmt->mbind_param($typeMap[$j], $cols[$j]); | |
| 102 | } | |
| 103 | } | |
| 104 | } | |
| 105 | } | |
| 106 | ||
| 107 | class db extends mysqli {
| |
| 108 | public function prepare($query) {
| |
| 109 | return new stmt($this,$query); | |
| 110 | } | |
| 111 | } | |
| 112 | ||
| 113 | class stmt extends mysqli_stmt {
| |
| 114 | public function __construct($link, $query) {
| |
| 115 | $this->mbind_reset(); | |
| 116 | parent::__construct($link, $query); | |
| 117 | } | |
| 118 | ||
| 119 | public function mbind_reset() {
| |
| 120 | unset($this->mbind_params); | |
| 121 | unset($this->mbind_types); | |
| 122 | $this->mbind_params = array(); | |
| 123 | $this->mbind_types = array('');
| |
| 124 | } | |
| 125 | ||
| 126 | public function mbind_param($type, &$param) {
| |
| 127 | $this->mbind_types[0].= $type; | |
| 128 | $this->mbind_params[] = &$param; | |
| 129 | } | |
| 130 | ||
| 131 | public function mbind_param_do() {
| |
| 132 | $params = array_merge($this->mbind_types, $this->mbind_params); | |
| 133 | return call_user_func_array(array($this, 'bind_param'), | |
| 134 | $this->makeValuesReferenced($params)); | |
| 135 | } | |
| 136 | ||
| 137 | private function makeValuesReferenced($arr){
| |
| 138 | $refs = array(); | |
| 139 | foreach($arr as $key => $value) {
| |
| 140 | $refs[$key] = &$arr[$key]; | |
| 141 | } | |
| 142 | return $refs; | |
| 143 | } | |
| 144 | ||
| 145 | public function execute() {
| |
| 146 | if(count($this->mbind_params)) {
| |
| 147 | if (!$this->mbind_param_do()) {
| |
| 148 | echo -11; | |
| 149 | die('Error binding parameters! ' . $this->error . '<br/>');
| |
| 150 | } | |
| 151 | } | |
| 152 | return parent::execute(); | |
| 153 | } | |
| 154 | ||
| 155 | private $mbind_types = array('');
| |
| 156 | private $mbind_params = array(); | |
| 157 | } | |
| 158 | ||
| 159 | ?> |
