static function executeSQL($db, $sql, $bindings = null, $types = null) { if ($statement = $db->prepare($sql)) { if (isset($bindings)) { $reset_types = false; if (!isset($types)) { $types = ''; $reset_types = true; } $bindings_ref = []; foreach ($bindings as $key => $value) { $bindings_ref[] =& $bindings[$key]; if ($reset_types) { $types .= SqlQuery::getTypeChar($value); } } array_unshift($bindings_ref, $types); call_user_func_array(array($statement, 'bind_param'), $bindings_ref); } if ($statement->execute()) { return $statement; } else { dbErr('query', 'execute', $sql, $db->error); } } else { dbErr('query', 'prepare', $sql, $db->error); } }
public function save() { $result = false; $id = $this->ival($this->id_name); if (isset($id) && $id > 0) { $columns = []; $bindings = []; $types = ''; foreach ($this->data as $key => $value) { if ($key != $this->id_name) { $columns[] = SqlQuery::validateColumn($key) . ' = ?'; $bindings[] =& $this->data[$key]; $types .= SqlQuery::getTypeChar($value); } } $bindings[] =& $this->data[$this->id_name]; $types .= 'i'; array_unshift($bindings, $types); $sql = sprintf('UPDATE %s SET %s WHERE %s = ?', $this->table_name, implode(',', $columns), $this->id_name); if ($st = $this->db->prepare($sql)) { call_user_func_array(array($st, 'bind_param'), $bindings); if ($st->execute()) { $result = true; } else { dbErr($this->table_name, 'execute', $sql, $this->db->error); } $st->close(); } else { dbErr($this->table_name, 'prepare', $sql, $this->db->error); } } else { $columns = []; $values = []; $bindings = []; $types = ''; foreach ($this->data as $key => $value) { if ($key != $this->id_name) { $columns[] = SqlQuery::validateColumn($key); $values[] = '?'; $bindings[] =& $this->data[$key]; $types .= SqlQuery::getTypeChar($value); } } array_unshift($bindings, $types); $sql = sprintf('INSERT INTO %s (%s) VALUES (%s)', $this->table_name, implode(',', $columns), implode(',', $values)); if ($st = $this->db->prepare($sql)) { //echo $sql; call_user_func_array(array($st, 'bind_param'), $bindings); if ($st->execute()) { $this->is_loaded = true; $result = true; $this->data[$this->id_name] = $this->db->insert_id; } else { dbErr($this->table_name, 'execute', $sql, $this->db->error); } $st->close(); } else { dbErr($this->table_name, 'prepare', $sql, $this->db->error); } } return $result; }