MySQL conversions - ch8 - Database Abstraction
class.Database.php
<?php
require_once('config_db.php');
class Database {
private $debug = false;
private $hConn;
public function __construct() {
global $cfg; // allow our method to access the $cfg associative array
// by making it global
$connString = ' host=' . $cfg['db']['host'];
$connString .= ' user=' . $cfg['db']['user'];
$connString .= ' password=' . $cfg['db']['password'];
$connString .= ' port=' . $cfg['db']['port'];
$connString .= ' dbname=' . $cfg['db']['name'];
//debug
if($this->debug){
echo "<h3>".$connString."</h3>";
}
// $this->hConn = mysql_connect($connString);
$this->hConn = mysql_connect($cfg['db']['host'],$cfg['db']['user'],$cfg['db']['password']);
if(! is_resource($this->hConn)) {
// throw new Exception("Unable to connect to the database " .
// "using \"$connString\"", E_USER_ERROR);
throw new Exception("Unable to connect to the database") ;
}
//select db
mysql_select_db($cfg['db']['name'], $this->hConn);
}
public function select($sql) {
$hRes = mysql_query($sql , $this->hConn);
if(!$hRes) {
throw new Exception("select function error!");
}
$arReturn = array();
while( ($row = mysql_fetch_assoc($hRes)) ) {
$arReturn[] = $row;
}
return $arReturn;
}
public function update($table, $arFieldValues, $arConditions) {
// create a useful array for the SET clause
$arUpdates = array();
foreach($arFieldValues as $field => $val) {
if(! is_numeric($val)) {
//make sure the values are properly escaped
$val = "'" . mysql_escape_string($val) . "'";
}
$arUpdates[] = "$field = $val";
}
// create a useful array for the WHERE clause
$arWhere = array();
foreach($arConditions as $field => $val) {
if(! is_numeric($val)) {
//make sure the values are properly escaped
$val = "'" . mysql_escape_string($val) . "'";
}
$arWhere[] = "$field = $val";
}
$sql = "UPDATE $table SET ";
$sql .= join(', ', $arUpdates);
$sql .= ' WHERE ' . join(' AND ', $arWhere);
//debug
if($this->debug){
echo "<h3>".$sql."</h3>";
}
if (!mysql_query($sql, $this->hConn))
{
throw new Exception("update function error!");
}
return mysql_affected_rows($this->hConn);
}
function delete($table, $arConditions) {
//create a useful array for generating the WHERE clause
$arWhere = array();
foreach($arConditions as $field => $val) {
if(! is_numeric($val)) {
//make sure the values are properly escaped
$val = "'" . mysql_escape_string($val) . "'";
}
$arWhere[] = "$field = $val";
}
$sql = "DELETE FROM $table WHERE " . join(' AND ', $arWhere);
//debug
if($this->debug){
echo "<h3>".$sql."</h3>";
}
if (!mysql_query($sql, $this->hConn))
{
throw new Exception("delete function error!");
}
return mysql_affected_rows($this->hConn);
}
public function insert($table, $arFieldValues) {
$fields = array_keys($arFieldValues);
$values = array_values($arFieldValues);
// Create a useful array of values
// that will be imploded to be the
// VALUES clause of the insert statement.
// Run the mysql_escape_string function on those
// values that are something other than numeric.
$escVals = array();
foreach($values as $val) {
if(! is_numeric($val)) {
//make sure the values are properly escaped
// $val = "'" . mysql_escape_string($val) . "'";
$val = "'" . mysql_escape_string($val) . "'";
}
$escVals[] = $val;
}
//generate the SQL statement
$sql = " INSERT INTO $table (";
$sql .= join(', ', $fields);
$sql .= ') VALUES(';
$sql .= join(', ', $escVals);
$sql .= ')';
$sql .= ';';
//debug
if($this->debug){
echo "<h3>".$sql."</h3>";
}
if (!mysql_query($sql, $this->hConn))
{
throw new Exception("insert function error!");
}
return mysql_affected_rows($this->hConn);
}
public function __destruct() {
if(is_resource($this->hConn)) {
mysql_close($this->hConn);
}
}
}
|
