Proper use of prepare()?


Pancake

Just wondering if this is used properly:

 

class sendQuery extends sqlStuff {
    /* Sends the data to the DB */
    function insertInfo($b, $c) {
        $query = $this->cnx->prepare("INSERT INTO users (user, pass) VALUES (?, ?)"); //Prepares the query...
        $query->bind_param('ss', $b, $c); //Binds the values to the query
        $ok = $query->execute(); //Runs the query and records whether it was successful.
        $query->close(); //Closes the statement before returning, so this line is always reached.
        if (!$ok) { //Query was unsuccessful! Sends an error message.
            throw new Exception("ERROR doing query!");
        }
        return true;
    }
}
/* END sendQuery Class */

try { //Runs the above classes and checks for errors....
    $cnx = new sqlStuff();
    $do = new sendQuery();
    $do->insertInfo('Username', sha1('Password'));
    echo 'Information Inserted Successfully!';
}catch(Exception $e) {
    //If there are any errors, they will be printed out how we defined them earlier.
    echo 'Caught Exception: '. $e->getMessage();
}

 

Will the string be escaped? Or should I do something like mysqli_real_escape_string() along with it?

 

Note: The sqlStuff just connects and isn't vital to the script.

 

And is it possible to simply do:

new sqlStuff();

 

instead of

$sql = new sqlStuff();

(sqlStuff only has a __construct and __destruct function that doesn't return anything)


sqlStuff Class:

class sqlStuff {
    /* Creates variables to be used in the SQL Connection. These should be changed to match your SQL server settings */
    protected $db_host = 'localhost';
    protected $db_user = 'root';
    protected $db_pass = 'root';
    protected $db_name = 'database';
    
    /* This one needs to be used across all classes, so this is public */
    public $cnx;
    
    /* Actually connect to the DB */
    function __construct() {
        //new mysqli() always returns an object, so the connection error has to be checked explicitly.
        $this->cnx = new mysqli($this->db_host, $this->db_user, $this->db_pass, $this->db_name);
        if ($this->cnx->connect_error) {
            //A connection was unsuccessfully made...
            //Makes an error message to be cleaned up later.
            throw new Exception("ERROR Connecting to DB! Bad username/password?");
        }
        //Connection was successfully made! (A constructor cannot return a value.)
    }
    
    function __destruct() { //Closes the connection when an unset() function is used.
        $this->cnx->close();
    }
}

 

I suppose I would possibly want to use it in some procedural coding later:

mysqli_query($sql->cnx, "SELECT * FROM someTable");

 

So it could be of some use.

 

And at the end of my script, I use:

 

unset($sql);

 

Whole Script: http://www.newerth.com/pancake/showproject/sqlClassExample
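
On the question of whether values passed to bind_param() still need escaping, the following added example (not part of the original posts or the poster's script) binds a constructed value containing a quote once as-is and once after real_escape_string(), then reads both rows back. It assumes a MySQL server reachable with the settings from the sqlStuff class above; the users_demo table and the insertUser() and storedUser() helpers are hypothetical names, and password_hash() in place of the thread's sha1() is this example's own choice.

```php
<?php
// Added example. Assumes a MySQL server reachable with the connection
// settings shown in the thread's sqlStuff class.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // failures throw mysqli_sql_exception

$cnx = new mysqli('localhost', 'root', 'root', 'database');
$cnx->set_charset('utf8mb4');

// Temporary table (hypothetical name): private to this connection, dropped on close.
$cnx->query("CREATE TEMPORARY TABLE users_demo (
    id INT AUTO_INCREMENT PRIMARY KEY, user VARCHAR(64), pass VARCHAR(255))");

function insertUser(mysqli $cnx, string $user, string $pass): int {
    $stmt = $cnx->prepare("INSERT INTO users_demo (user, pass) VALUES (?, ?)");
    $stmt->bind_param('ss', $user, $pass); // values travel separately from the SQL text
    $stmt->execute();
    $id = $stmt->insert_id;
    $stmt->close();
    return $id;
}

function storedUser(mysqli $cnx, int $id): string {
    $stmt = $cnx->prepare("SELECT user FROM users_demo WHERE id = ?");
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $stmt->bind_result($user);
    $stmt->fetch();
    $stmt->close();
    return $user;
}

// Constructed input: contains a quote and SQL syntax.
$name = "O'Brien'); DROP TABLE users_demo; -- ";
$hash = password_hash('Password', PASSWORD_DEFAULT);

$plainId   = insertUser($cnx, $name, $hash);                            // bound as-is
$escapedId = insertUser($cnx, $cnx->real_escape_string($name), $hash);  // escaped, then bound

var_dump(storedUser($cnx, $plainId) === $name);   // compares the bound-only row with the input
var_dump(storedUser($cnx, $escapedId) === $name); // compares the escaped-and-bound row with the input
echo storedUser($cnx, $escapedId), "\n";          // shows what the escaped row actually holds
```

The bound-only row comes back identical to the input because the placeholder value is never parsed as SQL. The row that was escaped first is stored with the added backslashes as literal characters, so combining real_escape_string() with bind_param() corrupts the data rather than adding protection.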


Archived

This topic is now archived and is closed to further replies.
