First version, for githup; UNSTABLE, DO NOT USE!

2026-04-12 21:25:44 +02:00
commit a51fd9dbeb
423 changed files with 58560 additions and 0 deletions
--- a/scripts/db/db-functions.php
+++ b/scripts/db/db-functions.php
@@ -0,0 +1,132 @@
+<?php
+
+function db_get_results($mysqli, $sql) {
+    $result = $mysqli->query($sql);
+    if (!$result) return [];
+    return $result->fetch_all(MYSQLI_ASSOC);
+}
+
+function db_get_row($mysqli, $sql) {
+    $result = $mysqli->query($sql);
+    if (!$result) return null;
+    return $result->fetch_assoc();
+}
+
+function db_get_col($mysqli, $sql) {
+    $result = $mysqli->query($sql);
+    if (!$result) return [];
+    $col = [];
+    while ($row = $result->fetch_row()) {
+        $col[] = $row[0];
+    }
+    return $col;
+}
+
+function db_update($mysqli, $table, $data, $where) {
+    $set = [];
+    $params = [];
+    foreach ($data as $col => $val) {
+        $set[] = "`$col` = ?";
+        $params[] = $val;
+    }
+
+    $cond = [];
+    foreach ($where as $col => $val) {
+        $cond[] = "`$col` = ?";
+        $params[] = $val;
+    }
+
+    $sql = "UPDATE `$table` SET ".implode(", ",$set)." WHERE ".implode(" AND ",$cond);
+    $stmt = $mysqli->prepare($sql);
+
+    // Bind params dynamically
+    $types = str_repeat("s", count($params));
+    $stmt->bind_param($types, ...$params);
+
+    $stmt->execute();
+    return $stmt->affected_rows;
+}
+
+function db_delete($mysqli, $table, $where) {
+    $params = [];
+
+    $cond = [];
+    foreach ($where as $col => $val) {
+        $cond[] = "`$col` = ?";
+        $params[] = $val;
+    }
+
+    $sql = "DELETE FROM `$table` WHERE ".implode(" AND ",$cond);
+    $stmt = $mysqli->prepare($sql);
+
+    // Bind params dynamically
+    $types = str_repeat("s", count($params));
+    $stmt->bind_param($types, ...$params);
+
+    $stmt->execute();
+    return;
+}
+
+/**
+ * Select rows from a table using mysqli, safely with prepared statements.
+ *
+ * @param mysqli $mysqli      The active mysqli connection
+ * @param string $table       Table name
+ * @param array|string $columns  Array of column names OR "*" for all columns
+ * @param string|null $where  Optional WHERE clause (without the "WHERE")
+ * @param array $params       Parameters for prepared statement (values only)
+ * @param string|null $order  Optional ORDER BY (e.g. "id DESC")
+ * @param string|null $limit  Optional LIMIT (e.g. "10", "0,20")
+ * @return array              Returns array of associative rows
+ */
+function db_select($mysqli, $table, $columns = "*", $where = null, $params = [], $order = null, $limit = null) {
+
+    // Convert array of columns into SQL string
+    if (is_array($columns)) {
+        $columns = implode(", ", array_map(fn($c) => "`$c`", $columns));
+    }
+
+    $sql = "SELECT $columns FROM `$table`";
+
+    if ($where) {
+        $sql .= " WHERE $where";
+    }
+    if ($order) {
+        $sql .= " ORDER BY $order";
+    }
+    if ($limit) {
+        $sql .= " LIMIT $limit";
+    }
+
+    $stmt = $mysqli->prepare($sql);
+
+    if (!$stmt) {
+        return []; // or throw exception
+    }
+
+    // Bind params if there are any
+    if (!empty($params)) {
+        $types = str_repeat("s", count($params)); // simple: treat everything as string
+        $stmt->bind_param($types, ...$params);
+    }
+
+    $stmt->execute();
+    $result = $stmt->get_result();
+
+    if (!$result) return [];
+
+    return $result->fetch_all(MYSQLI_ASSOC);
+}
+
+function db_get_var($mysqli, $sql, $params = []) {
+    $stmt = $mysqli->prepare($sql);
+    if (!empty($params)) {
+        $types = str_repeat('s', count($params)); 
+        $stmt->bind_param($types, ...$params);
+    }
+    $stmt->execute();
+    $stmt->bind_result($value);
+    $stmt->fetch();
+    $stmt->close();
+    return $value;
+}