  1. class dbconnect{
  2. public function connect(){
  3. $connection = mysqli_connect($host,$user,$pass,$db);
  4. return $connection;
  5. }
  6. }
  7.  
// Presumably the file that defines dbconnect (above); confirm the path against the project layout.
include 'db.php';
// Data-access layer from the question; the `...` in select() stands for code the author omitted.
class dao extends dbconnect {
    // Connection handle as returned by dbconnect::connect().
    private $conn;

    public function __construct() {
        // NOTE(review): dao already inherits connect(), so $this->connect() would do the
        // same without a second dbconnect instance.
        $dbcon = new parent();
        $this->conn = $dbcon->connect();
    }

    // Body not shown in this excerpt; the `...` is the author's placeholder.
    public function select( $table , $where='' , $other='' ){
        ...
    }
}
  20.  
// Presumably the file that defines dao (above); confirm the path against the project layout.
include 'cn.php';
  22.  
// Login handler from the question; the `...` below stand for code the author omitted.
if(isset($_POST['login'])){
    $username = $_POST['user_name']; // HOW ESCAPE THIS LINE ?
    // Review note: with prepared statements the value is not escaped by hand at all —
    // it is handed to the driver as a bound parameter (prepare()/bind_param(), the
    // pattern DB::select() uses further down). Escaping belongs only to the legacy
    // path of concatenating values into SQL text.

    $d = new dao();
    // `or die()` fires only when select() returns a falsy value; its body is not shown here.
    $sel = $d->select("users" , ... ) or die('error from here');
    ...
}
  30.  
  31. <?php
  32. if ( !class_exists( 'DB' ) ) {
  33. class DB {
  34. public function __construct($user, $password, $database, $host = 'localhost') {
  35. $this->user = $user;
  36. $this->password = $password;
  37. $this->database = $database;
  38. $this->host = $host;
  39. }
  40. protected function connect() {
  41. return new mysqli($this->host, $this->user, $this->password, $this->database);
  42. }
  43. public function query($query) {
  44. $db = $this->connect();
  45. $result = $db->query($query);
  46.  
  47. while ( $row = $result->fetch_object() ) {
  48. $results[] = $row;
  49. }
  50.  
  51. return $results;
  52. }
  53. public function insert($table, $data, $format) {
  54. // Check for $table or $data not set
  55. if ( empty( $table ) || empty( $data ) ) {
  56. return false;
  57. }
  58.  
  59. // Connect to the database
  60. $db = $this->connect();
  61.  
  62. // Cast $data and $format to arrays
  63. $data = (array) $data;
  64. $format = (array) $format;
  65.  
  66. // Build format string
  67. $format = implode('', $format);
  68. $format = str_replace('%', '', $format);
  69.  
  70. list( $fields, $placeholders, $values ) = $this->prep_query($data);
  71.  
  72. // Prepend $format onto $values
  73. array_unshift($values, $format);
  74. // Prepary our query for binding
  75. $stmt = $db->prepare("INSERT INTO {$table} ({$fields}) VALUES ({$placeholders})");
  76. // Dynamically bind values
  77. call_user_func_array( array( $stmt, 'bind_param'), $this->ref_values($values));
  78.  
  79. // Execute the query
  80. $stmt->execute();
  81.  
  82. // Check for successful insertion
  83. if ( $stmt->affected_rows ) {
  84. return true;
  85. }
  86.  
  87. return false;
  88. }
  89. public function update($table, $data, $format, $where, $where_format) {
  90. // Check for $table or $data not set
  91. if ( empty( $table ) || empty( $data ) ) {
  92. return false;
  93. }
  94.  
  95. // Connect to the database
  96. $db = $this->connect();
  97.  
  98. // Cast $data and $format to arrays
  99. $data = (array) $data;
  100. $format = (array) $format;
  101.  
  102. // Build format array
  103. $format = implode('', $format);
  104. $format = str_replace('%', '', $format);
  105. $where_format = implode('', $where_format);
  106. $where_format = str_replace('%', '', $where_format);
  107. $format .= $where_format;
  108.  
  109. list( $fields, $placeholders, $values ) = $this->prep_query($data, 'update');
  110.  
  111. //Format where clause
  112. $where_clause = '';
  113. $where_values = '';
  114. $count = 0;
  115.  
  116. foreach ( $where as $field => $value ) {
  117. if ( $count > 0 ) {
  118. $where_clause .= ' AND ';
  119. }
  120.  
  121. $where_clause .= $field . '=?';
  122. $where_values[] = $value;
  123.  
  124. $count++;
  125. }
  126. // Prepend $format onto $values
  127. array_unshift($values, $format);
  128. $values = array_merge($values, $where_values);
  129. // Prepary our query for binding
  130. $stmt = $db->prepare("UPDATE {$table} SET {$placeholders} WHERE {$where_clause}");
  131.  
  132. // Dynamically bind values
  133. call_user_func_array( array( $stmt, 'bind_param'), $this->ref_values($values));
  134.  
  135. // Execute the query
  136. $stmt->execute();
  137.  
  138. // Check for successful insertion
  139. if ( $stmt->affected_rows ) {
  140. return true;
  141. }
  142.  
  143. return false;
  144. }
  145. public function select($query, $data, $format) {
  146. // Connect to the database
  147. $db = $this->connect();
  148.  
  149. //Prepare our query for binding
  150. $stmt = $db->prepare($query);
  151.  
  152. //Normalize format
  153. $format = implode('', $format);
  154. $format = str_replace('%', '', $format);
  155.  
  156. // Prepend $format onto $values
  157. array_unshift($data, $format);
  158.  
  159. //Dynamically bind values
  160. call_user_func_array( array( $stmt, 'bind_param'), $this->ref_values($data));
  161.  
  162. //Execute the query
  163. $stmt->execute();
  164.  
  165. //Fetch results
  166. $result = $stmt->get_result();
  167.  
  168. //Create results object
  169. while ($row = $result->fetch_object()) {
  170. $results[] = $row;
  171. }
  172. return $results;
  173. }
  174. public function delete($table, $id) {
  175. // Connect to the database
  176. $db = $this->connect();
  177.  
  178. // Prepary our query for binding
  179. $stmt = $db->prepare("DELETE FROM {$table} WHERE ID = ?");
  180.  
  181. // Dynamically bind values
  182. $stmt->bind_param('d', $id);
  183.  
  184. // Execute the query
  185. $stmt->execute();
  186.  
  187. // Check for successful insertion
  188. if ( $stmt->affected_rows ) {
  189. return true;
  190. }
  191. }
  192. private function prep_query($data, $type='insert') {
  193. // Instantiate $fields and $placeholders for looping
  194. $fields = '';
  195. $placeholders = '';
  196. $values = array();
  197.  
  198. // Loop through $data and build $fields, $placeholders, and $values
  199. foreach ( $data as $field => $value ) {
  200. $fields .= "{$field},";
  201. $values[] = $value;
  202.  
  203. if ( $type == 'update') {
  204. $placeholders .= $field . '=?,';
  205. } else {
  206. $placeholders .= '?,';
  207. }
  208.  
  209. }
  210.  
  211. // Normalize $fields and $placeholders for inserting
  212. $fields = substr($fields, 0, -1);
  213. $placeholders = substr($placeholders, 0, -1);
  214.  
  215. return array( $fields, $placeholders, $values );
  216. }
  217. private function ref_values($array) {
  218. $refs = array();
  219. foreach ($array as $key => $value) {
  220. $refs[$key] = &$array[$key];
  221. }
  222. return $refs;
  223. }
  224. }
  225. }
  226.  
  227. //Your config.php file:
  228. require 'classes/db.php';
  229. $db = new DB('root', 'password here', 'test'); (host is default localhost)