function addTaskAssessment($post) { global $mysql; $obj = array("id" => date("YmdHis") . str_pad(rand(0, 9999), 4, rand(0, 9), STR_PAD_LEFT), "taskListId" => $post["taskListId"], "taskExecutor" => "-" . $_SESSION["name"] . "-", "selfAssessment" => myStrEscape($post["selfAssessment"])); $mysql->DBInsertAsArray("`task_self_assessment`", $obj); return array('status' => 'successful', 'errMsg' => '', 'taskListId' => $obj["id"]); }
public function DBUpdate($tableValue, $obj, $condition, $conditionValues = null) { if (!contains($tableValue, "`")) { $tableValue = '`' . $tableValue . '`'; } $sql = " update {$tableValue} SET "; foreach ($obj as $key => $value) { $sql .= " `{$key}`="; $type = gettype($value); switch ($type) { case "boolean": $sql .= "'" . ($value ? "true" : "false") . "',"; break; case "integer": $sql .= $value . ","; break; case "double": $sql .= $value . ","; break; case "NULL": $sql .= "null,"; break; case "string": if (strtolower($value) == "now()") { $sql .= "now(),"; } else { $sql .= "'" . myStrEscape($value) . "',"; } break; default: throw new Exception("unknown type:" . $type . " of value:" . $value . " key:" . $key); break; } } $sql = substr($sql, 0, -1); $count = substr_count($condition, "?"); $count2 = count($conditionValues); if ($count != $count2) { throw new Exception("sql:{$condition} need {$count} values but get {$count2} !"); } $i = 0; $index = 0; for (; $i < $count; $i++) { $value = $conditionValues[$i]; $type = gettype($value); switch ($type) { case "boolean": $value = $value ? "true" : "false"; break; case "integer": case "NULL": case "double": break; case "string": $value = myStrEscape($value); break; default: throw new Exception("unknown type:" . $type . " of value:" . $value); break; } $condition = str_replace_once($condition, "?", $value); } if ($condition != "" && trim($condition) != "") { $sql .= " where " . $condition; } $this->dbSQL = $sql; $this->DBExecute($this->dbSQL); }