jackjohnson44
asked on
php mysql parameters, can someone please explain this code?
I have no idea what this prepare, question marks, and other stuff do. Can someone please explain? Some code is missing, but this is the important stuff
function create($input)
{
$params = array('xxxx',
$input->__get(first),
$input->__get(last),
date( 'Y-m-d H:i:s'),
date( 'Y-m-d H:i:s'));
$query = "INSERT INTO user (first, last, createddate, lastmodifieddate) VALUES (?,?,?,?)";
$this->msqlConn->exeDB($qu ery, $params);
}
function exeDB($query, $parameters)
{
$this->getMySqliConnection ();
$st = $this->m_sqliconnection->p repare($qu ery);
if(mysqli_errno($this->m_s qliconnect ion))
{
die("ERROR");
}
$types = $param[0];
unset($param[0]);
$i = 0;
foreach ($params as $param) {
$bind_name = 'bind' . $i;
$$bind_name = $param;
$bind_names[] = &$$bind_name;
}
$bind_params[] = $types;
$bind_params[] = array_merge($bind_params, $bind_names);
$return = call_user_func_array(array ($st, 'bind_param'),$params);
if(!$st->execute())
{
die("Execute error : " . mysqli_error());
}
$st->close();
$this->closeMySqliConnecti on();
}
function create($input)
{
$params = array('xxxx',
$input->__get(first),
$input->__get(last),
date( 'Y-m-d H:i:s'),
date( 'Y-m-d H:i:s'));
$query = "INSERT INTO user (first, last, createddate, lastmodifieddate) VALUES (?,?,?,?)";
$this->msqlConn->exeDB($qu
}
function exeDB($query, $parameters)
{
$this->getMySqliConnection
$st = $this->m_sqliconnection->p
if(mysqli_errno($this->m_s
{
die("ERROR");
}
$types = $param[0];
unset($param[0]);
$i = 0;
foreach ($params as $param) {
$bind_name = 'bind' . $i;
$$bind_name = $param;
$bind_names[] = &$$bind_name;
}
$bind_params[] = $types;
$bind_params[] = array_merge($bind_params, $bind_names);
$return = call_user_func_array(array
if(!$st->execute())
{
die("Execute error : " . mysqli_error());
}
$st->close();
$this->closeMySqliConnecti
}
ASKER
Thanks, I am more concerned with the prepare, and parameters stuff. the getmysqlconn is just a function that returns a db connection. It isn't too important.
check: m_sqliconnection
$this->getMySqliConnection ();
$st = $this->m_sqliconnection->p repare($qu ery);
if(mysqli_errno($this->m_s qliconnect ion))
looks like a user defined class to me
$this->getMySqliConnection
$st = $this->m_sqliconnection->p
if(mysqli_errno($this->m_s
looks like a user defined class to me
prepare sounds like a query placeholder
sound like a sqli transaction here
sound like a sqli transaction here
Answered:
function exeDB($query, $parameters) takes Parameters and REPLACES each ? from left to right in
SQL query
$params = array('xxxx',
$input->__get(first),
$input->__get(last),
date( 'Y-m-d H:i:s'),
date( 'Y-m-d H:i:s'));
$query = "INSERT INTO user (first, last, createddate, lastmodifieddate) VALUES (?,?,?,?)";
$this->msqlConn->exeDB($qu ery, $params);
function exeDB($query, $parameters) takes Parameters and REPLACES each ? from left to right in
SQL query
$params = array('xxxx',
$input->__get(first),
$input->__get(last),
date( 'Y-m-d H:i:s'),
date( 'Y-m-d H:i:s'));
$query = "INSERT INTO user (first, last, createddate, lastmodifieddate) VALUES (?,?,?,?)";
$this->msqlConn->exeDB($qu
ASKER
Thanks, but I am really not following at all. What are the questionmarks for? What is the array with xxxx for? Why xxxx? What does this mean?
foreach ($params as $param) {
$bind_name = 'bind' . $i;
$$bind_name = $param;
$bind_names[] = &$$bind_name;
}
$bind_params[] = $types;
$bind_params[] = array_merge($bind_params, $bind_names);
$return = call_user_func_array(array ($st, 'bind_param'),$params);
foreach ($params as $param) {
$bind_name = 'bind' . $i;
$$bind_name = $param;
$bind_names[] = &$$bind_name;
}
$bind_params[] = $types;
$bind_params[] = array_merge($bind_params, $bind_names);
$return = call_user_func_array(array
Read my comments. Hope this helps
function create($input)
{
// build an array called params that corresponds to the values in SQL statement
$params = array('xxxx',
$input->__get(first),
$input->__get(last),
date( 'Y-m-d H:i:s'),
date( 'Y-m-d H:i:s'));
// build SQL statement with ? marks to be later filled in by with params using the function exeDB
$query = "INSERT INTO user (first, last, createddate, lastmodifieddate) VALUES (?,?,?,?)";
// execute SQL statement
$this->msqlConn->exeDB($query, $params);
}
function exeDB($query, $parameters)
{
// this function executes an SQL statement; but first, we will do some replace work on the SQL
// load db object
$this->getMySqliConnection();
// load query. in the SQL the ? marks is input the db is waiting for to replace with valid inputs
$st = $this->m_sqliconnection->prepare($query);
if(mysqli_errno($this->m_sqliconnection))
{
die("ERROR"); // query not valid
}
// extract the first parameter since it is not an input just a type value we will use later
$types = $param[0];
// delete the first parameter since it is not an input
unset($param[0]);
$i = 0;
// loop through the actual values and create varibles named bind1, bind2, bind3, etc with values of parameters
// combine them into an array call bind_names
foreach ($params as $param) {
$bind_name = 'bind' . $i;
$$bind_name = $param;
$bind_names[] = &$$bind_name;
}
$bind_params[] = $types;
$bind_params[] = array_merge($bind_params, $bind_names);
$return = call_user_func_array(array($st, 'bind_param'),$params);
//execute the query with the values replaced in SQL
if(!$st->execute())
{
die("Execute error : " . mysqli_error());
}
$st->close();
$this->closeMySqliConnection();
ASKER
Thanks so much for your help. I really appreciate your patience here. I think that now I understand most of it, although I still am foggy on one part. again, thanks so much. I am a little dense.
What does types refer to? xxx doesn't mean anything (that I can think of) and why would it be pushed back into the array? It looks like he is taking off the first element, which is the xxx and assigning it to types, then he is creating a new array bind_names which is just a copy of the first without the type (xxx) which he stripped off. Then he is rebuilding the array exactly the same way it was. Why does he loop? Isn't he getting the same array as he started with?
He has an array, then loops and creates an associative array with the names bind(index), then just rebuilds it?
I just don't get this part:
$bind_params[] = $types;
$bind_params[] = array_merge($bind_params, $bind_names);
$return = call_user_func_array(array ($st, 'bind_param'),$params);
What does types refer to? xxx doesn't mean anything (that I can think of) and why would it be pushed back into the array? It looks like he is taking off the first element, which is the xxx and assigning it to types, then he is creating a new array bind_names which is just a copy of the first without the type (xxx) which he stripped off. Then he is rebuilding the array exactly the same way it was. Why does he loop? Isn't he getting the same array as he started with?
He has an array, then loops and creates an associative array with the names bind(index), then just rebuilds it?
I just don't get this part:
$bind_params[] = $types;
$bind_params[] = array_merge($bind_params, $bind_names);
$return = call_user_func_array(array
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This user-defined class may have functions or properties associated with it.
You may want to search your database connection code for this class to learn more.
If the script is throwing errors, you may be missing the include that defines this user-defined class.
Open in new window