Skip to main content
Code Review

Return to Question

Missing quote!!
Source Link
sBucholtz
sBucholtz
  • 107
  • 9

$db->statement("INSERT INTO table (col1, col2, col3) VALUES (?, ?, ?)", [$foo, $bar, $baz]);

$db->statement("INSERT INTO table (col1, col2, col3) VALUES (?, ?, ?), [$foo, $bar, $baz]);

$db->statement("INSERT INTO table (col1, col2, col3) VALUES (?, ?, ?)", [$foo, $bar, $baz]);

Fixed object member formatting & added additional documentation on basic usage to help commentators
Source Link
sBucholtz
sBucholtz
  • 107
  • 9

$db -> statement>statement($sql, $param)

$db->statement("SELECT column_name FROM table WHERE = ?", "bind_me")

$db->statement("INSERT INTO table (col1, col2, col3) VALUES (?, ?, ?), [$foo, $bar, $baz]);

print_r($db -> result>result());

print json_encode($db -> result>result());

class Sqli
{
    const DBHOST = "localhost";
    const DBUSER = "";
    const DBPASS = "";
    const DBNAME = "";
    
    protected $conn;
    protected $stmt;
    
    function __construct()
    {
        $this -> setConnection>setConnection();
    }
    
    private function setConnection()
    {
        mysqli_report(MYSQLI_REPORT_STRICT|MYSQLI_REPORT_ERROR);
        try
        {
            $conn = new mysqli(
                self::DBHOST, 
                self::DBUSER, 
                self::DBPASS, 
                self::DBNAME
            );
        }
        catch(MySQLi_sql_exception $e)
        {
            throw new \MySQLi_sql_exception(
                $e->getMessage(), 
                $e->getCode()
            );
        }
        $this -> conn>conn = $conn;
    }
    
    public function statement($sql, $param)
    {
        $stmt   = $this -> conn >conn-> prepare>prepare($sql);
        
        if($param !== FALSE)
        {
            
            if(!is_array($param))
            {
                $param = [$param];
            }
            
            $types = str_repeat("s", count($param));
            
            $stmt -> bind_param>bind_param($types, ...$param);
        }
        
        $stmt -> execute>execute();
        
        $stmt -> store_result>store_result();
        
        $this -> stmt>stmt = $stmt;
    }
    
    public function result()
    {
        $stmt = $this -> stmt;>stmt;
        
        $meta = $stmt -> result_metadata>result_metadata();
        
        while($field = $meta -> fetch_field>fetch_field())
        {
            $param[] = &$row[$field -> name];>name];
        }
        
        call_user_func_array([$stmt, "bind_result"], $param);
        
        while($stmt -> fetch>fetch())
        {
            
            foreach($row as $key => $val)
            {
                $r[$key] = filter_var($val, FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_ENCODE_HIGH|FILTER_FLAG_ENCODE_LOW|FILTER_FLAG_ENCODE_AMP);
            }
            $result[] = $r;
        }
        
        return $result;
    }
}

$db -> statement($sql, $param)

print_r($db -> result());

print json_encode($db -> result());

class Sqli
{
    const DBHOST = "localhost";
    const DBUSER = "";
    const DBPASS = "";
    const DBNAME = "";
    
    protected $conn;
    protected $stmt;
    
    function __construct()
    {
        $this -> setConnection();
    }
    
    private function setConnection()
    {
        mysqli_report(MYSQLI_REPORT_STRICT|MYSQLI_REPORT_ERROR);
        try
        {
            $conn = new mysqli(
                self::DBHOST, 
                self::DBUSER, 
                self::DBPASS, 
                self::DBNAME
            );
        }
        catch(MySQLi_sql_exception $e)
        {
            throw new \MySQLi_sql_exception(
                $e->getMessage(), 
                $e->getCode()
            );
        }
        $this -> conn = $conn;
    }
    
    public function statement($sql, $param)
    {
        $stmt   = $this -> conn -> prepare($sql);
        
        if($param !== FALSE)
        {
            
            if(!is_array($param))
            {
                $param = [$param];
            }
            
            $types = str_repeat("s", count($param));
            
            $stmt -> bind_param($types, ...$param);
        }
        
        $stmt -> execute();
        
        $stmt -> store_result();
        
        $this -> stmt = $stmt;
    }
    
    public function result()
    {
        $stmt = $this -> stmt;
        
        $meta = $stmt -> result_metadata();
        
        while($field = $meta -> fetch_field())
        {
            $param[] = &$row[$field -> name];
        }
        
        call_user_func_array([$stmt, "bind_result"], $param);
        
        while($stmt -> fetch())
        {
            
            foreach($row as $key => $val)
            {
                $r[$key] = filter_var($val, FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_ENCODE_HIGH|FILTER_FLAG_ENCODE_LOW|FILTER_FLAG_ENCODE_AMP);
            }
            $result[] = $r;
        }
        
        return $result;
    }
}

$db->statement($sql, $param)

$db->statement("SELECT column_name FROM table WHERE = ?", "bind_me")

$db->statement("INSERT INTO table (col1, col2, col3) VALUES (?, ?, ?), [$foo, $bar, $baz]);

print_r($db->result());

print json_encode($db->result());

class Sqli
{
    const DBHOST = "localhost";
    const DBUSER = "";
    const DBPASS = "";
    const DBNAME = "";
    
    protected $conn;
    protected $stmt;
    
    function __construct()
    {
        $this->setConnection();
    }
    
    private function setConnection()
    {
        mysqli_report(MYSQLI_REPORT_STRICT|MYSQLI_REPORT_ERROR);
        try
        {
            $conn = new mysqli(
                self::DBHOST, 
                self::DBUSER, 
                self::DBPASS, 
                self::DBNAME
            );
        }
        catch(MySQLi_sql_exception $e)
        {
            throw new \MySQLi_sql_exception(
                $e->getMessage(), 
                $e->getCode()
            );
        }
        $this->conn = $conn;
    }
    
    public function statement($sql, $param)
    {
        $stmt   = $this->conn->prepare($sql);
        
        if($param !== FALSE)
        {
            
            if(!is_array($param))
            {
                $param = [$param];
            }
            
            $types = str_repeat("s", count($param));
            
            $stmt->bind_param($types, ...$param);
        }
        
        $stmt->execute();
        
        $stmt->store_result();
        
        $this->stmt = $stmt;
    }
    
    public function result()
    {
        $stmt = $this->stmt;
        
        $meta = $stmt->result_metadata();
        
        while($field = $meta->fetch_field())
        {
            $param[] = &$row[$field->name];
        }
        
        call_user_func_array([$stmt, "bind_result"], $param);
        
        while($stmt->fetch())
        {
            
            foreach($row as $key => $val)
            {
                $r[$key] = filter_var($val, FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_ENCODE_HIGH|FILTER_FLAG_ENCODE_LOW|FILTER_FLAG_ENCODE_AMP);
            }
            $result[] = $r;
        }
        
        return $result;
    }
}
remove unhelpful comments
Source Link
Mast
Mast
  • 13.9k
  • 12
  • 57
  • 128

PHP MySQLi Database Objectdatabase object

class Sqli
{
    const DBHOST = "localhost";
    const DBUSER = "";
    const DBPASS = "";
    const DBNAME = "";
    
    protected $conn;
    protected $stmt;
    
    function __construct()
    {
        $this -> setConnection();
    }
    
    private function setConnection()
    {
        mysqli_report(MYSQLI_REPORT_STRICT|MYSQLI_REPORT_ERROR);
        try
        {
            $conn = new mysqli(
                self::DBHOST, 
                self::DBUSER, 
                self::DBPASS, 
                self::DBNAME
            );
        }
        catch(MySQLi_sql_exception $e)
        {
            throw new \MySQLi_sql_exception(
                $e->getMessage(), 
                $e->getCode()
            );
        }
        $this -> conn = $conn;
    }
    
    public function statement($sql, $param)
    {
        $stmt   = $this -> conn -> prepare($sql);
        
        if($param !== FALSE)
        {
            
            if(!is_array($param))
            {
                $param = [$param];
            }
            
            $types = str_repeat("s", count($param));
            
            $stmt -> bind_param($types, ...$param);
        }
        
        $stmt -> execute();
        
        $stmt -> store_result();
        
        $this -> stmt = $stmt;
    }
    
    public function result()
    {
        $stmt = $this -> stmt;
        
        $meta = $stmt -> result_metadata();
        
        while($field = $meta -> fetch_field())
        {
            $param[] = &$row[$field -> name];
        }
        
        call_user_func_array([$stmt, "bind_result"], $param);
        
        while($stmt -> fetch())
        {
            
            foreach($row as $key => $val)
            {
                $r[$key] = filter_var($val, FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_ENCODE_HIGH|FILTER_FLAG_ENCODE_LOW|FILTER_FLAG_ENCODE_AMP);
            }
            $result[] = $r;
        }
        
        return $result;
    }
}
```

PHP MySQLi Database Object

class Sqli
{
    const DBHOST = "localhost";
    const DBUSER = "";
    const DBPASS = "";
    const DBNAME = "";
    
    protected $conn;
    protected $stmt;
    
    function __construct()
    {
        $this -> setConnection();
    }
    
    private function setConnection()
    {
        mysqli_report(MYSQLI_REPORT_STRICT|MYSQLI_REPORT_ERROR);
        try
        {
            $conn = new mysqli(
                self::DBHOST, 
                self::DBUSER, 
                self::DBPASS, 
                self::DBNAME
            );
        }
        catch(MySQLi_sql_exception $e)
        {
            throw new \MySQLi_sql_exception(
                $e->getMessage(), 
                $e->getCode()
            );
        }
        $this -> conn = $conn;
    }
    
    public function statement($sql, $param)
    {
        $stmt   = $this -> conn -> prepare($sql);
        
        if($param !== FALSE)
        {
            
            if(!is_array($param))
            {
                $param = [$param];
            }
            
            $types = str_repeat("s", count($param));
            
            $stmt -> bind_param($types, ...$param);
        }
        
        $stmt -> execute();
        
        $stmt -> store_result();
        
        $this -> stmt = $stmt;
    }
    
    public function result()
    {
        $stmt = $this -> stmt;
        
        $meta = $stmt -> result_metadata();
        
        while($field = $meta -> fetch_field())
        {
            $param[] = &$row[$field -> name];
        }
        
        call_user_func_array([$stmt, "bind_result"], $param);
        
        while($stmt -> fetch())
        {
            
            foreach($row as $key => $val)
            {
                $r[$key] = filter_var($val, FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_ENCODE_HIGH|FILTER_FLAG_ENCODE_LOW|FILTER_FLAG_ENCODE_AMP);
            }
            $result[] = $r;
        }
        
        return $result;
    }
}
```

PHP MySQLi database object

class Sqli
{
    const DBHOST = "localhost";
    const DBUSER = "";
    const DBPASS = "";
    const DBNAME = "";
    
    protected $conn;
    protected $stmt;
    
    function __construct()
    {
        $this -> setConnection();
    }
    
    private function setConnection()
    {
        mysqli_report(MYSQLI_REPORT_STRICT|MYSQLI_REPORT_ERROR);
        try
        {
            $conn = new mysqli(
                self::DBHOST, 
                self::DBUSER, 
                self::DBPASS, 
                self::DBNAME
            );
        }
        catch(MySQLi_sql_exception $e)
        {
            throw new \MySQLi_sql_exception(
                $e->getMessage(), 
                $e->getCode()
            );
        }
        $this -> conn = $conn;
    }
    
    public function statement($sql, $param)
    {
        $stmt   = $this -> conn -> prepare($sql);
        
        if($param !== FALSE)
        {
            
            if(!is_array($param))
            {
                $param = [$param];
            }
            
            $types = str_repeat("s", count($param));
            
            $stmt -> bind_param($types, ...$param);
        }
        
        $stmt -> execute();
        
        $stmt -> store_result();
        
        $this -> stmt = $stmt;
    }
    
    public function result()
    {
        $stmt = $this -> stmt;
        
        $meta = $stmt -> result_metadata();
        
        while($field = $meta -> fetch_field())
        {
            $param[] = &$row[$field -> name];
        }
        
        call_user_func_array([$stmt, "bind_result"], $param);
        
        while($stmt -> fetch())
        {
            
            foreach($row as $key => $val)
            {
                $r[$key] = filter_var($val, FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_ENCODE_HIGH|FILTER_FLAG_ENCODE_LOW|FILTER_FLAG_ENCODE_AMP);
            }
            $result[] = $r;
        }
        
        return $result;
    }
}
remove unhelpful comments
Source Link
edit approved Feb 13, 2020 at 9:54
Alexandre Elshobokshy
edit approved Feb 13, 2020 at 9:54
Alexandre Elshobokshy
  • 103
  • 2
Source Link
sBucholtz
sBucholtz
  • 107
  • 9