Example #1
0
function executeBoundSQL($cmdstr, $list)
{
    /* Sometimes a same statement will be excuted for severl times, only
    	 the value of variables need to be changed.
    	 In this case you don't need to create the statement several times; 
    	 using bind variables can make the statement be shared and just 
    	 parsed once. This is also very useful in protecting against SQL injection. See example code below for       how this functions is used */
    global $db_conn, $success;
    $statement = OCIParse($db_conn, $cmdstr);
    if (!$statement) {
        echo "<br>Cannot parse the following command: " . $cmdstr . "<br>";
        $e = OCI_Error($db_conn);
        echo htmlentities($e['message']);
        $success = False;
    }
    foreach ($list as $tuple) {
        foreach ($tuple as $bind => $val) {
            //echo $val;
            //echo "<br>".$bind."<br>";
            OCIBindByName($statement, $bind, $val);
            unset($val);
            //make sure you do not remove this. Otherwise $val will remain in an array object wrapper which will not be recognized by Oracle as a proper datatype
        }
        $r = OCIExecute($statement, OCI_DEFAULT);
        if (!$r) {
            echo "<br>Cannot execute the following command: " . $cmdstr . "<br>";
            $e = OCI_Error($statement);
            // For OCIExecute errors pass the statementhandle
            echo htmlentities($e['message']);
            echo "<br>";
            $success = False;
        }
    }
}
Example #2
0
 function executePlainSQL($cmdstr)
 {
     //takes a plain (no bound variables) SQL command and executes it
     //echo "<br>running ".$cmdstr."<br>";
     global $db_conn, $success;
     $statement = OCIParse($db_conn, $cmdstr);
     //There is a set of comments at the end of the file that describe some of the OCI specific functions and how they work
     if (!$statement) {
         echo "<br>Cannot parse the following command: " . $cmdstr . "<br>";
         $e = OCI_Error($db_conn);
         // For OCIParse errors pass the
         // connection handle
         echo htmlentities($e['message']);
         $success = False;
     }
     $r = OCIExecute($statement, OCI_DEFAULT);
     if (!$r) {
         echo "<br>Cannot execute the following command: " . $cmdstr . "<br>";
         $e = oci_error($statement);
         // For OCIExecute errors pass the statementhandle
         echo htmlentities($e['message']);
         $success = False;
     } else {
     }
     return $statement;
 }
    											FOREIGN KEY (tid) REFERENCES trainer,
    											FOREIGN KEY (lname) REFERENCES location)");
    		echo "<br> 12 <br>";
    		executePlainSQL ("DROP TABLE item");
    		executePlainSQL ("CREATE TABLE item (iid varchar(255),
    											type varchar(255),
    											Description varchar(255),
    											PRIMARY KEY (iid))");
    		executePlainSQL ("insert into item values (1,1,1)");
    		echo "<br> 13 <br>";
    		executePlainSQL ("DROP TABLE item_loc");
    		executePlainSQL ("CREATE TABLE item_loc (iid varchar(255),
    												lname varchar(255),
    												PRIMARY KEY (iid,lname))");
    		echo "<br> 14 <br>";
    		executePlainSQL ("DROP TABLE location");
    		executePlainSQL ("CREATE TABLE location (lname varchar(255),
    												description varchar(255),
    												PRIMARY KEY (lname))");
    		executePlainSQL ("insert into location values (1,1)");
    												
    	 	OCILogoff($db_conn);*/
} else {
    echo "cannot connect";
    $e = OCI_Error();
    // For OCILogon errors pass no handle
    echo htmlentities($e['message']);
}
?>
	</p>
</html>
 /**
 +----------------------------------------------------------
 * 数据库错误信息
 * 并显示当前的SQL语句
 +----------------------------------------------------------
 * @access public 
 +----------------------------------------------------------
 * @return string
 +----------------------------------------------------------
 * @throws ThinkExecption
 +----------------------------------------------------------
 */
 public function error()
 {
     $this->error = OCI_Error($this->_linkID);
     $this->error = $this->error["message"];
     if ($this->queryStr != '') {
         $this->error .= "\n [ SQL语句 ] : " . $this->queryStr;
     }
     return $this->error;
 }