Snippets

Home / Snippets / MySQL Database Class

MySQL Database Class

Snippet Menu

snippet |

revisions |

comments | Related Snippets

related |

Add to Favorites | Email

download | Print

print | Blog It

blog it

Wed. Apr. 4th, 2007 8:52 AM

1 of 1

ushi

Anti-Injection | Class | Database | mysql | PHP

6 comments

A simple MySQL class for use in PHP.
Feel free to suggest improvements.

<?php

  # Configuration

  $config['sql']['host'] = "localhost";

  $config['sql']['user'] = "root";

  $config['sql']['pass'] = "";

  $config['sql']['base'] = "test";

?>

<?php

  class db_mysql {

    var $link;

    var $host;

    var $user;

    var $pass;

    var $base;

    function db_mysql() {

      global $config;

      $this->host = $config['sql']['host'];

      $this->user = $config['sql']['user'];

      $this->pass = $config['sql']['pass'];

      $this->base = $config['sql']['base'];

    }

    public function connect() {

      $this->link = mysql_connect($this->host, $this->user, $this->pass) or die("<b>Error:</b> Connection to database server cannot be established.");

      mysql_select_db($this->base, $this->link)or die("<b>Error:</b> Connection to database cannot be established.");

    }

    public function close() {

      mysql_close($this->link);

    }

    private function query($query) {

      $result = mysql_query ($query, $this -> link);

      return $result;

    }

    public function strip($string) {

      # For use in querystring - prevents SQL injections

      return "'" . mysql_real_escape_string($string, $this->link) . "'";

    }

    public function list_assoc($query) {

      $results = array();

      # Querying database

      $resource = $this->query($query);

      # Stacking all results in one array

      while ($row = @mysql_fetch_assoc ($resource)) {

        $results[] = $row;

      }

      @mysql_free_result($resource);

      return $results;

    }

    public function row_assoc($query) {

      # Querying database

      $resource = $this->query($query);

      # Fetching result

      $result = @mysql_fetch_assoc ($resource);

      @mysql_free_result($resource);

      return $result;

    }

    public function update($table, $vals, $where) {

      $result = $this->query("UPDATE " . $table . " SET " . $vals . " WHERE " . $where);

      return $result;

    }

    public function insert($table, $vals) {

      $result = $this->query("INSERT INTO " . $table . " SET " . $vals);

      return $result;

    }

  }

?>

<?php

  $db = new db_mysql();

  $db->connect();

  # List

  $users = $db->list_assoc("SELECT username FROM users ORDER BY username ASC");

  foreach ($users as $user) {

    echo($user['username'] . "<br />");

  }

  # One row

  $user = $db->row_assoc("SELECT username FROM users WHERE id = " . $db->strip($_GET['id']));

  echo($user['username']);

  # Insert

  $db->insert("users", "username = " . $db->strip($_GET['username']) . ", password = " . $db->strip($_GET['password']));

  # Update

  $db->update("users", "username = " . $db->strip($_GET['username']), "id = " . $db->strip($_GET['id']));

  $db->close();

?>