| 
<?php 
/*load the files*/
 require_once "DB.php";
 require_once "DB_Connect.php";
 
 /*
 *  Here are some examples of usage
 *  The table that we are working on has the following columns with auto increment on id:
 *  id | username | password | real_name
 *
 */
 
 $db = new DB(); // create the DB object (class presumably defined in DB.php, loaded above)
 
 /*
 * ###### This class runs ONLY parameterized SQL queries ######
 */
 
 
 
 
 /*
 * WHAT IS A PARAMETERIZED QUERY?
 *
 * Roughly: in a parameterized query the structure of the query is separated from the parameters.
 * This improves:
 * Security, since a value passed through a placeholder is treated as data and cannot change the
 *   query structure, so SQL injection through those values is not possible,
 * Performance, since parameterized queries are cached,
 * Organization and maintenance, since the structure is separated from the data.
 *
 *
 * How to prepare parameterized queries?
 *
 * It is not that different. The only change is that, instead of writing the variables inside the
 * query, you put ? as a placeholder.
 * NOTE: You can't use ? as a placeholder for a table name, a column name, SQL keywords/statements, etc.
 * Those parts stay in the query string itself, so never build them from user input directly; if a
 * table or column must be chosen at runtime, pick it from a fixed list of allowed names.
 *
 * If you are confused, just look at the examples; it's easy.
 *
 */
 
 
 // Here is the query; instead of writing a number for the limit, we just put ? as a placeholder.
 // NOTE(review): whether LIMIT accepts a bound value depends on how DB binds it (integer vs. string) - confirm in DB.php
 $query = "SELECT * FROM users LIMIT ?";
 
 // And here is how to run it: the 1st parameter of $db->query() is the SQL query itself, the 2nd is the value for ?
 $db->query($query,10); // This is equivalent to: SELECT * FROM users LIMIT 10
 
 // You can have as many parameters as you want. Put ? as a placeholder and then pass one argument for every ?, in the same order.
 // The literal password here is sample data only. A real application stores the output of password_hash()
 // and checks a login with password_verify() instead of comparing the password inside the SQL query.
 $db->query("SELECT * FROM users WHERE username = ? AND password = ? AND real_name = ? LIMIT ?","root","thepassword","smith",1);
 
 // Not every value needs a placeholder: a constant written by the developer (here LIMIT 1) can stay in the query text.
 // Any value that comes from outside the script should always go through a placeholder.
 $real_name = "smith";
 $db->query("SELECT * FROM users WHERE real_name = ? LIMIT 1",$real_name);
 
 // $db->query() returns the result of the query as an associative array
 $result = $db->query("SELECT * FROM users LIMIT ?",10);
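 /*
  * Output section of the example: prints the results of the calls above and shows
  * the num_rows / insert_id helpers of $db.
  *
  * Two things differ from a naive version:
  *  - The full opening tag is used everywhere. With short open tags the code depends on the
  *    short_open_tag ini setting; when that setting is off, the rest of the file is sent to the
  *    browser as plain text, which exposes the source and the sample queries.
  *  - Everything read from the database is escaped before it is written into the HTML page, so a
  *    stored value such as a username containing markup is displayed instead of being interpreted.
  */
 $dump = function ($value) {
     // print_r(..., true) returns the dump as a string so it can be escaped before output.
     return htmlspecialchars(print_r($value, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
 };
 
 ?><pre><br /><br />$result:<?php
 print($dump($result));
 
 // You can get the number of selected, inserted, deleted or updated rows of the last query like this:
 $number_rows_for_the_last_query = $db->num_rows;
 
 ?><br /><br />$number_rows_for_the_last_query:<?php
 print($dump($number_rows_for_the_last_query));
 
 // OR you can run the query immediately and get the number:
 $number_rows_for_the_query = $db->num_rows("SELECT * FROM users LIMIT ?",10);
 
 ?><br /><br />$number_rows_for_the_query:<?php
 print($dump($number_rows_for_the_query));
 
 // It works for INSERT, UPDATE and DELETE too.
 // The plaintext password is sample data only; a real application stores the output of password_hash().
 $number_of_inserted_rows = $db->num_rows("INSERT INTO users(id,username,password,real_name) VALUES(NULL,?,?,?)",'smith123','qwerty','smith john');
 
 ?><br /><br />$number_of_inserted_rows:<?php
 print($dump($number_of_inserted_rows));
 
 // AND get the last insert id generated by the auto increment for the last query:
 $last_insert_id = $db->insert_id;
 
 ?><br /><br />$last_insert_id:<?php
 print($dump($last_insert_id));
 
 // OR run the query and get the last insert id directly.
 // Note that this executes a second INSERT, so the example adds two rows in total.
 $last_insert_id = $db->insert_id("INSERT INTO users(id,username,password,real_name) VALUES(NULL,?,?,?)",'smith123','qwerty','smith john');
 
 ?><br /><br />$last_insert_id:<?php
 print($dump($last_insert_id)."<br />");
 
 /* And let's see what is in the log */
 
 // NOTE(review): the content of $db->log is not visible from this file. If it records queries
 // together with their bound values, it will contain the sample passwords used above, so it
 // should only be shown on a development page - confirm against DB.php.
 print($dump($db->log));
 
 
 ?>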
 </pre>
 |