<?php
namespace PHPGrammers;
include __DIR__.'/DBConfig.php';
use PHPGrammers\DBConfig as DBconfig;
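/**
 * Minimal active-record style CRUD helper.
 *
 * A subclass is expected to declare one public/protected property per table
 * column; only columns that exist both in the table and as a property on the
 * object are written by create()/update().
 *
 * Security notes for maintainers:
 *  - Values are always sent through bound parameters, which is what protects
 *    the statements below from SQL injection.
 *  - The table name (and the column names read back from the schema) are
 *    interpolated into the SQL text as identifiers, because identifiers
 *    cannot be bound. The table name must therefore be a developer-supplied
 *    constant and never come from request data.
 *  - escape_value() strips markup from stored values; it is not SQL escaping
 *    and does not replace context-aware output encoding when the data is
 *    rendered.
 */
class PHPCRUDLib {
    /** @var string Table this instance reads from and writes to. */
    protected $table;

    /** @var object Connection returned by DBConfig::databaseConnection(); used here through the PDO-style prepare()/execute()/fetchAll() calls. */
    protected $conn;

    /**
     * @param string $table_name Trusted table identifier (it is concatenated into SQL).
     */
    public function __construct($table_name) {
        $this->table = $table_name;
        $DBconfig = new DBConfig();
        $this->conn = $DBconfig->databaseConnection();
    }

    /**
     * Column names of the configured table.
     *
     * @return array
     */
    protected function dbfields() {
        return $this->getFieldsOnTable();
    }

    /**
     * Read the table's column names from information_schema.
     *
     * The table name is a value in this query, so it is bound instead of being
     * concatenated into the statement.
     *
     * NOTE(review): the lookup is not restricted to one schema, so a table of
     * the same name in another schema would contribute its columns too.
     *
     * @return array List of column names; empty when the lookup fails.
     */
    protected function getFieldsOnTable() {
        $query = $this->conn->prepare(
            'SELECT column_name AS field, data_type AS type FROM information_schema.columns WHERE table_name = ?'
        );
        if (!$query || !$query->execute(array($this->table))) {
            return array();
        }

        $rows = $query->fetchAll();

        return is_array($rows) ? array_column($rows, 'field') : array();
    }

    /**
     * Fetch every row of the table.
     *
     * @return array
     */
    public function allRecords() {
        return $this->loadResultWithNoBind("SELECT * FROM ".$this->table);
    }

    /**
     * Map of column name => current property value, limited to columns that
     * are also declared as properties on this object.
     *
     * @return array
     */
    protected function attributes() {
        $attributes = array();
        foreach ($this->dbfields() as $field) {
            if (property_exists($this, $field)) {
                $attributes[$field] = $this->$field;
            }
        }

        return $attributes;
    }

    /**
     * Same map as attributes(), with every value passed through escape_value().
     * The object's own properties are left untouched.
     *
     * @return array
     */
    protected function sanitized_attributes() {
        return array_map(array($this, 'escape_value'), $this->attributes());
    }

    /*--Create,Update and Delete methods--*/

    /**
     * Insert the record when it has no id yet, otherwise update it.
     *
     * @return bool
     */
    public function save() {
        // update() defaults to id 0, so the record's own id has to be handed
        // over explicitly; otherwise the statement would target "WHERE id=0".
        return isset($this->id) ? $this->update($this->id) : $this->create();
    }

    /**
     * INSERT the current attributes as a new row.
     *
     * @return bool False when there is nothing to insert or the statement fails.
     */
    protected function create() {
        $attributes = $this->sanitized_attributes();
        if (count($attributes) === 0) {
            // No matching columns: there is no column list to build.
            return false;
        }

        $placeholders = array_fill(0, count($attributes), "?");

        $sql = "INSERT INTO ".$this->table." (";
        $sql .= join(", ", array_keys($attributes));
        $sql .= ") VALUES (";
        $sql .= join(",", $placeholders);
        $sql .= ")";

        return $this->executeQueryWithBind($attributes, $sql, null);
    }

    /**
     * UPDATE the row with the given id using the current attributes.
     *
     * @param int|string $id Primary key of the row to change.
     * @return bool False when there is nothing to set or the statement fails.
     */
    public function update($id=0) {
        $attributes = $this->sanitized_attributes();
        if (count($attributes) === 0) {
            // An empty SET list is not valid SQL.
            return false;
        }

        $attribute_pairs = array();
        foreach (array_keys($attributes) as $column) {
            $attribute_pairs[] = "{$column}=?";
        }

        $sql = "UPDATE ".$this->table." SET ";
        $sql .= join(", ", $attribute_pairs);
        $sql .= " WHERE id=?";

        return $this->executeQueryWithBind($attributes, $sql, array($id));
    }

    /**
     * DELETE the row with the given id (at most one row).
     *
     * @param int|string $id Primary key of the row to remove.
     * @return bool
     */
    public function delete($id=0) {
        $sql = "DELETE FROM ".$this->table;
        $sql .= " WHERE id=?";
        $sql .= " LIMIT 1 ";

        return $this->executeQueryWithBind(null, $sql, array($id));
    }

    /* ------------------------ */

    /**
     * Strip HTML/PHP tags and surrounding whitespace from a value.
     *
     * This is input clean-up only. SQL safety comes from the bound parameters,
     * and anything rendered into HTML still needs encoding at output time.
     *
     * @param mixed $value
     * @return string
     */
    protected function escape_value( $value ) {
        // The cast keeps null and numeric values working without relying on
        // implicit coercion inside strip_tags().
        return trim(strip_tags((string) $value));
    }

    /**
     * Run a statement that carries no bound parameters and return all rows.
     *
     * Only statements built from trusted text may be passed here; nothing in
     * $sql is escaped or bound.
     *
     * @param string $sql
     * @return array Rows, or an empty array when prepare/execute fails.
     */
    protected function loadResultWithNoBind($sql)
    {
        $query = $this->conn->prepare($sql);
        if (!$query || !$query->execute()) {
            return array();
        }

        $result = $query->fetchAll();

        return is_array($result) ? $result : array();
    }

    /**
     * Prepare $sql, bind the attribute values followed by the condition
     * values to its positional placeholders, and execute it.
     *
     * @param array|null $attributes Values for the leading placeholders.
     * @param string     $sql        Statement with "?" placeholders.
     * @param array|null $condition  Values for the trailing placeholders.
     * @return bool True when the statement executed.
     */
    protected function executeQueryWithBind($attributes, $sql, $condition)
    {
        $query = $this->conn->prepare($sql);
        if (!$query) {
            return false;
        }

        // Placeholders are 1-based and numbered across both groups.
        $position = 0;
        foreach (array($attributes, $condition) as $group) {
            if (empty($group)) {
                continue;
            }
            foreach (array_values($group) as $value) {
                // bindValue copies the value, so no by-reference bookkeeping is needed.
                $query->bindValue(++$position, $value);
            }
        }

        return $query->execute() ? true : false;
    }
}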