[英]Php function to run mysql queries
I am trying to create functions to run mysql queries 我正在尝试创建函数来运行mysql查询
How would I do things like insert queries. 我将如何做诸如插入查询之类的事情。 I was thinking
我刚在想
function insert_query ($table,$cols,$values)
{
$sql="insert into $table ($cols) values ($values) "; ...etc
}
With the rest of the query code in the function. 与其余查询代码一起在函数中。 But how would I add multiple columns and values?
但是如何添加多个列和值?
Should I make $cols
and $values
An array inside the function? 我应该在函数内部使
$cols
和$values
数组吗?
Easy, just us arrays 简单,仅我们数组
function insert_query ($table,$cols,$values){
$sql="insert into $table (".implode(",", $cols).") values (".implode("','", $values)."'') ";
}
insert_query('exampleTable', array('column_1', 'column_2', 'column_3'), array('a', 123, 'c') );
The implode for the values requires a small sidenote: 这些值的内插需要一个小的旁注:
Strings always required being wrapped in quotes. 始终需要将字符串用引号引起来。 Therefor I made the implode with single qoutes.
因此,我以单次qoutes进行了爆破。 The downside to this is that integets (like
123
in the example) also get wrapped. 不利的一面是,整数(如示例中的
123
)也被包裹了。
This is not a big problem, but if you want you could replace the implode with a foreach that uses is_numeric
to check wether it should be wrapped in quotes. 这不是一个大问题,但是如果您愿意,可以用一个使用
is_numeric
检查是否要用引号括起来的foreach替换爆破。
IMPORTANT SECURITY NOTE: 重要安全注意事项:
In this example I havent used proper seurity, like escape_string()
, this has to be added! 在此示例中,我没有使用适当的安全性,例如
escape_string()
,必须添加它! I've not added thos to keep the examples smaller 我没有添加任何使示例更小的方法
Another approach could be key/value-usage of an array: 另一种方法可能是数组的键/值使用:
function insert_query ($table,$data){
$cols = array_keys($data);
$values = array_values($data);
$sql = "insert into $table (".implode(",", $cols).") values (".implode("','", $values)."'') ";
}
$info = array('column_1'=>'a', 'column_2'=>123, 'column_3'=>'c');
$info['example'] = 'Easy method to add more key/values';
insert_query('tableName', $info);
In this case you can use functions similar to codeigniter functions. 在这种情况下,您可以使用类似于codeigniter函数的函数。 Use arrays to store table name and columns or values
使用数组存储表名称以及列或值
For example: 例如:
$data = array('hid' => $hcsdate,'start_date' => $sdate, 'end_date' => $edate, 'title' =>$title);
Here $data
holds the column name and corresponding values. 这里
$data
保存列名和相应的值。
And pass this $data
to another functions for insert, update etc.. 并将此
$data
传递给另一个函数进行插入,更新等。
Here is what I'm using. 这是我正在使用的。 Pass field name and Value as Array key and value.
将字段名称和值传递为数组键和值。 $lsQry is an array of field name & value pair
$ lsQry是字段名称和值对的数组
function insert_record($table,$lsQry)
{
$fields_str = implode(',',array_keys($lsQry));
$data_str = implode("','",$lsQry);
$data_str = "'" . implode("','", $lsQry) . "'";
$lsQry = "INSERT INTO $table($fields_str) VALUES($data_str)";
$rs = mysql_query($lsQry);
if(isset($rs))
return true;
else
return false;
}
Please Note 请注意
For this function, do consider that function is getting an array of fields name and value pair. 对于此函数,请务必考虑该函数正在获取字段名称和值对的数组。 It is assumed that htmlentities() and addslashes() or any escaping functions are already applied while creating array from post/get values.
假定从发布/获取值创建数组时,已经应用了htmlentities()和Addslashes()或任何转义函数。
This is a function of my Database Class. 这是我的数据库类的功能。
public function insert($table,$values){
$fieldNames = "";
$fieldValues = "";
foreach($values as $key => $value){
$fieldNames .= "$key,";
$fieldValues .= "$value,";
}
$fieldNames = substr($fieldNames,0,-1);
$fieldValues = substr($fieldValues,0,-1);
$sql = "INSERT INTO $table($fieldNames) VALUES ($fieldValues)";
$this->newConnection();
$result = $this->mysqli->query($sql);
$this->closeConnection();
return $result;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.