PHP Handle MySQLi query function check


gettosmurf

Hello there,

 

I'm new to this site/forum so I don't know if this is the right forum to post a code review / commentary request...

I have a function that handles the SQL code...

Now I would like to know what you think of it. Can I do something different or better?

<?PHP
		/*
		 * Private function db_query($sql) | handle....
		 * with checking and extended error reporting....
		 * Runs a query but does not return a result array....
		 * @String $sql | this is the SQL query you want to run.....
		 */
		 private function db_query($sql) {
				$this->sql = $sql;
					switch ( DEBUG_QUERY ) { // check debug mode...

						case true:
							try { // try to execute the query...

								$handle = $this->query($this->sql);

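								if(!$handle) // if there is an error with the query...
								{
									// $error is an instance property (mysqli::$error is a fatal error);
									// read it before rollback(), which resets the last error
									$error = $this->error;
									$this->rollback();
									throw new Exception('MySQLi Query went wrong error ==> ' . $error);	
								}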

							} catch (Exception $e) { // error handling and reporting..
												echo '<hr />';
												echo '<span style="color:red"><b>A MySQLi Query went wrong:</b></span><br />';
												echo var_dump($e->getMessage());
												echo '<br />';
												echo nl2br($e->getTraceAsString());
												echo '<br />';
												echo 'Error in File: ' . $e->getFile();
												echo '<br />';
												echo 'Thrown Exception on line: ' . $e->getLine();
												echo '<br /><hr />';
												exit();
							} // end error handling and reporting...
						break;

						case false:
							$handle = $this->query($this->sql);
						break;
					} // end switch...
			return $handle;
		 }



		/*
		 * Public function db_Do | handles the insert, update, select and delete queries
		 * A lot of optional options for the different queries
		 * @String $type | Choose between the four types | select, insert, update or delete | Default is Select
		 * @String $table | Select which table you want to use | give a valid table name you want to use in the query
		 * @String $values | Input the values you want to select from the table | * for all - row1, row2, row3 | id, username, password
		 * @String $where | The where operator for the query | Where $where = | give a valid row name | if used you must fill in the other two where operators | default = empty (optional)
		 * @String $opparator | The operator for the where operator | =, >, <, <>, >=, <=, !=, ==, ===, !==, LIKE, IS, IS NOT, +, -, /, %, * | with in_array check | where 2 | default = empty (optional)
		 * @String / Int $where_val | The where value for the where operator | WHERE $where{id} $opparator{=} $where_val{1} | where 3 | default = empty (optional)
		 * @Bool $use_and | if TRUE you can use the AND operator | linked to the other three and operators | if you use 1 you must fill in all 4 of them | default = false (optional)
		 * @String $and_key | Value for the AND operator | same as $order_by | AND $and_key{username} | and 2 | default = empty (optional)
		 * @String $and_oparetor | The operator for the and section | same as $opparator | =, >, <, <>, >=, <=, !=, ==, ===, !==, LIKE, IS, IS NOT, +, -, /, %, * | with in_array check | and 3 | default = '=' (optional)
		 * @String $and_value | The value for the and_key | same as $where_val | AND $and_key{username} $and_oparetor{=} $and_value{'jhon'} | and 4 | default = empty (optional)
		 * @String $order_by | value for the Order by operator, only used if it has a value | ORDER BY $order_by{id} | if used you must also fill in the second order by operator | default = empty (optional)
		 * @String $order_key | Value for the Order key by the order value | ORDER BY $order_by{id} $order_key{asc, desc} | check in_array | default = asc (optional)
		 * Error msg and checks included, Failsafe...
		 * Runs the query and returns a row....
		 * Uses the db_query function...
		 * Version 1.0.0
		 */
		public function db_Do($type = 'select', $table, $values, $where = NULL, $opparator = NULL, $where_val = NULL, $use_and = FALSE, $and_key = NULL, $and_oparetor = '=', $and_value = NULL, $order_by = NULL, $order_key = 'ASC') {

					switch ( DEBUG_QUERY ) { // check debug mode...

						case true:
							if(in_array($type, $this->SQL_TYPE, TRUE)) { // check for a correct $type...
								if(in_array($order_key, $this->ORDER_KEY, TRUE)) { // check that $order_key is allowed...
									if(in_array($opparator, $this->OPARATORS, TRUE)) { // check for a valid WHERE operator...
										if(!empty($table) and strlen($table) >= 4) { // $table must be filled in and at least 4 chars...
											if(!empty($values) and strlen($values) >= 4) { // $values must be filled in and at least 4 chars...
												if(in_array($and_oparetor, $this->OPARATORS, TRUE)) { // check that the AND operator is allowed...

							switch( $type ) { // which type...

							case 'select':
							// Build the SQL Query....
								$query = 'SELECT '. $this->real_escape_string($values) .' FROM '. $table .' '; 
									if(!empty($where) and (empty($where_val) or empty($opparator))) {
										$row = 'Sorry you have to fill in all 3 of the where conditions!'; return $row; }
									elseif(!empty($where) || !empty($where_val) || !empty($opparator)) {
										 $query .= 'WHERE '. $where .' '. $opparator .' "'. $this->real_escape_string($where_val) .'" '; }
									if($use_and == true and !empty($and_key) and !empty($and_value)) {
										 $query .= 'AND '. $and_key .' '. $and_oparetor .' "'. $this->real_escape_string($and_value) .'" '; }
									elseif($use_and == true and (empty($and_key) or empty($and_value))) {
											$row = 'Sorry you have to fill in all 3 off the AND oparetors correctly.'; return $row; }
									if(!empty($order_by)) { 
										$query .= ' ORDER BY '. $order_by .' '. $order_key .''; }

								$this->sql = $query;
								$handle = $this->db_query($this->sql);
								$row = $handle->fetch_assoc();
								mysqli_free_result($handle);					
							break;

							case 'insert':
								// Build the SQL Query......
								$query = 'INSERT INTO '. $table .' ('. $this->real_escape_string($values) .') ';
								$query .= 'VALUES ('. $this->real_escape_string($where) .')';

								$this->sql = $query;
								$handle = $this->db_query($this->sql);
								$row = ($handle) ? true : false;
								unset($handle); // empty / unset $handle...
							break;

							case 'update':
								// Build the SQL Query......
								$query = 'UPDATE '. $table .' ';
								$query .= 'SET '. $this->real_escape_string($values) .' ';

									if(!empty($where) and !empty($where_val) and !empty($opparator)) { 
										$query .= 'WHERE '. $where .' '. $opparator .' "'. $this->real_escape_string($where_val) .'" '; } 
									elseif(empty($where) or empty($where_val) or empty($opparator)) {
										$row = 'Sorry you have to fill in all 3 of the where conditions!'; return $row; }
									if($use_and == true and !empty($and_key) and !empty($and_value)) {
										 $query .= 'AND '. $and_key .' '. $and_oparetor .' "'. $this->real_escape_string($and_value) .'" '; }
									elseif($use_and == true and (empty($and_key) or empty($and_value))) {
											$row = 'Sorry you have to fill in all 3 off the AND oparetors correctly.'; return $row; }

								$this->sql = $query;

								$handle = $this->db_query($this->sql);
								$row = ($handle) ? true : false;
								unset($handle); // empty / unset $handle....
							break;

							case 'delete':
								//Construct the delete query.....
								$query = 'DELETE FROM '. $table .' ';
								$query .= 'WHERE '. $where .' '. $opparator .' "'. $this->real_escape_string($where_val) .'" ';
									if($use_and == true and !empty($and_key) and !empty($and_value)) {
										 $query .= 'AND '. $and_key .' '. $and_oparetor .' "'. $this->real_escape_string($and_value) .'" '; }
									elseif($use_and == true and (empty($and_key) or empty($and_value))) {
										$row = 'Sorry you have to fill in all 3 off the AND oparetors correctly.'; return $row; }

								$this->sql = $query;

								$handle = $this->db_query($this->sql);
								$row = ($handle) ? true : false;
								unset($handle); // empty / unset $handle....
							break;

							} // end switch( $type ).....


												} else { // Correct operators......
													$row = 'Incorrect Oparetor in the AND section choose out: =, >, <, <>, >=, <=, !=, ==, ===, !==, LIKE, IS, IS NOT, +, -, /, %, * or use the FreeQuery';
												}
											} else { // Correct VALUES.....
												$row = 'Sorry you have to fill in the values parameter correctly and it hase to be bigger then 3 chars.';
											}
										} else { // Correct TABLE....
											$row = 'Sorry you have to fill in the table parameter correctly and it hase to be bigger than 3 chars.';	
										}
									} else { // Correct operators......
										$row = 'Incorrect Oparetor in the WHERE section choose out: =, >, <, <>, >=, <=, !=, ==, ===, !==, LIKE, IS, IS NOT, +, -, /, %, * or use the FreeQuery';
									}
								} else { // if order_key is NOT allowed....
									$row = 'Incorrect Order by opparator: <b>'. $order_key .'</b> choos between (asc or desc)';
								}
							} else { // if not correct type return error msg....
								$row = 'Incorrect type: <b>'. $type . '</b> choose between (select, insert, update or delete)';	
							}
						break; // end case true...

						case false:


						break; // end case false...

					} // end switch( debug_query )...
				return $row;

		} // end public function db_Do().....

?>

It's still a work in progress so it's not done yet...
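
Added example, not part of the original post: a SELECT builder of the same kind in which every table, column and operator is checked against an allowlist and every value is bound as a prepared-statement parameter instead of concatenated, since `real_escape_string` only protects values placed inside quotes and does nothing for table or column names. The `ALLOWED` schema and the function names `build_select` and `run_select` are assumptions made for illustration.

```php
<?php
// Added example: ALLOWED is a constructed schema; build_select/run_select are hypothetical names.
const ALLOWED   = ['users' => ['id', 'username', 'email']];
const OPERATORS = ['=', '<', '>', '<=', '>=', '<>', '!=', 'LIKE'];
// Build "SELECT ... WHERE col op ? ..." and the list of values to bind to the placeholders.
function build_select(string $table, array $cols, array $where = [],
                      ?string $orderBy = null, string $dir = 'ASC'): array
{
    if (!array_key_exists($table, ALLOWED) || !$cols) {
        throw new InvalidArgumentException('unknown table or empty column list');
    }
    $known = ALLOWED[$table];
    $ident = function (string $c) use ($known): string {
        if (!in_array($c, $known, true)) {
            throw new InvalidArgumentException('unknown column');
        }
        return "`$c`";   // safe to embed: $c is one of our own literals
    };
    $sql = 'SELECT ' . implode(', ', array_map($ident, $cols)) . " FROM `$table`";
    $params = $parts = [];
    foreach ($where as [$col, $op, $val]) {
        if (!in_array($op, OPERATORS, true)) {
            throw new InvalidArgumentException('unknown operator');
        }
        $parts[]  = $ident($col) . " $op ?";   // the value never enters the SQL text
        $params[] = $val;
    }
    $sql .= $parts ? ' WHERE ' . implode(' AND ', $parts) : '';
    if ($orderBy !== null) {
        $sql .= ' ORDER BY ' . $ident($orderBy) . (strtoupper($dir) === 'DESC' ? ' DESC' : ' ASC');
    }
    return [$sql, $params];
}

// Execute on a real connection (get_result() needs the mysqlnd driver).
function run_select(mysqli $db, string $sql, array $params): array
{
    $stmt = $db->prepare($sql);
    if ($stmt === false) {
        error_log('prepare failed: ' . $db->error);   // log server-side, do not echo to the page
        throw new RuntimeException('query failed');
    }
    if ($params) {
        $stmt->bind_param(str_repeat('s', count($params)), ...$params);
    }
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}
// Constructed input: the quote in the value needs no escaping because it is bound, not concatenated.
[$sql, $params] = build_select('users', ['id', 'username'], [['username', '=', "O'Brien"]], 'id', 'DESC');
echo $sql, PHP_EOL;
```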

 
