Tycoon Talk
Become a Big fish!
The number 1 forum for online business!
Post topics, ask questions, share your knowledge.
Tycoon Talk is part of Freelancer.com - find skilled workers online at a fraction of the cost.

PHP Forum


You are currently viewing our PHP Forum as a guest. Please register to participate.
Login


Tycoon Talk > Web Development and Programming Support > PHP Forum > Mysqli

Freelance Jobs

Reply
Mysqli
Old 11-17-2010, 03:21 AM Mysqli
evans123's Avatar
Ultra Talker

Posts: 468
Trades: 0
Talkupation: evans123 will become famous soon enough
Can the script below be improved in anyway? Would it be possible to automatically get the type of the $params and bind them dynamically, would this pose a secuirty threat or not?

PHP Code:
class MySQLDB {
   var $numRows 0;
   var $queryTime 0;
   var $totalQueryTime 0;
   var $queryCount 0;

function query($sql$params$close){
    
    // Reset Variables
        $this->numRows 0;
        $this->queryTime 0;
        
        $time_start $this->microtime_float();
        
           $mysqli = new mysqli(DB_xxxDB_xxxDB_xxxDB_xxx);
           $stmt $mysqli->prepare($sql) or die ("Failed to prepared the statement!");

           if(count($params) > 1)
           call_user_func_array(array($stmt'bind_param'), $this->refValues($params));

           $stmt->execute();
           $stmt->store_result();

           if($close){
               $result $mysqli->affected_rows;
           } else {
               $meta $stmt->result_metadata();
           
               while ( $field $meta->fetch_field() ) {
                   $parameters[] = &$row[$field->name];
               } 
       
            call_user_func_array(array($stmt'bind_result'), $this->refValues($parameters));
              
            while ( $stmt->fetch() ) { 
               $x = array(); 
               foreach( $row as $key => $val ) { 
                  $x[$key] = $val
               } 
               $results[] = $x
            }

            $result $results;
           }
           
           // Query information
           
           $this->num_rows $stmt->num_rows;
           
           //Close query and mysql connection
           $stmt->close();
           $mysqli->close();
           
           // Query Information
           $time_end $this->microtime_float();
           $this->queryTime $time_end $time_start;
           $this->totalQueryTime .= $this->queryTime;
           $this->queryCount++;
          
           return $result;
   }
  
    private function refValues($arr){
        if (strnatcmp(phpversion(),'5.3') >= 0//Reference is required for PHP 5.3+
        {
            $refs = array();
            foreach($arr as $key => $value)
                $refs[$key] = &$arr[$key];
            return $refs;
        }
        return $arr;
    }

    function microtime_float()
{
    list($usec$sec) = explode(" "microtime());
    return ((float)$usec + (float)$sec);
evans123 is offline
Reply With Quote
View Public Profile Visit evans123's homepage!
 
 
Register now for full access!
Old 11-18-2010, 05:25 PM Re: Mysqli
mgraphic's Avatar
Truth Seeker

Latest Blog Post:
JAMISONTUNES
Posts: 2,918
Name: Keith Marshall
Location: Connecticut
Trades: 0
Talkupation: mgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant future
Why not use PDO Data abstration class in PHP 5?
__________________

<mgraphic /> - I don't have a solution but I admire the problem.
mgraphic is offline
Reply With Quote
View Public Profile
 
Old 11-19-2010, 10:58 AM Re: Mysqli
evans123's Avatar
Ultra Talker

Posts: 468
Trades: 0
Talkupation: evans123 will become famous soon enough
This website has some good PDO examples.

http://www.phpro.org/tutorials/Intro...PHP-PDO.html#2

Any ideas how i can dynamically bind parameters?
Last edited by evans123; 11-19-2010 at 11:55 AM..
evans123 is offline
Reply With Quote
View Public Profile Visit evans123's homepage!
 
Old 11-19-2010, 09:43 PM Re: Mysqli
mgraphic's Avatar
Truth Seeker

Latest Blog Post:
JAMISONTUNES
Posts: 2,918
Name: Keith Marshall
Location: Connecticut
Trades: 0
Talkupation: mgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant futuremgraphic has a brilliant future
Using prepared statements:
http://phpro.org/tutorials/Introduct...HP-PDO.html#10
__________________

<mgraphic /> - I don't have a solution but I admire the problem.
mgraphic is offline
Reply With Quote
View Public Profile
 
Reply     « Reply to Mysqli
 
Previous Thread | Next Thread Tycoon Talk > Web Development and Programming Support > PHP Forum > Mysqli

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off




   
RSS Feed  Feeds: RSS   JS   XML
RSS Feed  Feeds for this forum: RSS   JS   XML



Page generated in 0.22387 seconds with 12 queries