<?php
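/**
 * Run a raw SQL statement and return every row as an associative array.
 *
 * The SQL string is handed to query() exactly as given; nothing is bound or
 * escaped here, so it must never be assembled from request data. When values
 * come from outside, use db_select() or db_get_var() with bound parameters.
 *
 * @param mysqli $mysqli Active connection
 * @param string $sql    Complete SQL statement
 * @return array List of associative rows; empty when the query fails or
 *               yields no result set
 */
function db_get_results($mysqli, $sql) {
    $result = $mysqli->query($sql);

    // query() returns true, not a result object, for statements that produce
    // no result set (UPDATE, INSERT, ...). Only an object can be fetched from.
    if (!is_object($result)) {
        return [];
    }

    return $result->fetch_all(MYSQLI_ASSOC);
}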
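/**
 * Run a raw SQL statement and return its first row.
 *
 * The SQL string is handed to query() exactly as given; nothing is bound or
 * escaped here, so it must never be assembled from request data.
 *
 * @param mysqli $mysqli Active connection
 * @param string $sql    Complete SQL statement
 * @return array|null First row as an associative array, or null when the
 *                    query fails or yields no result set; otherwise whatever
 *                    fetch_assoc() returns
 */
function db_get_row($mysqli, $sql) {
    $result = $mysqli->query($sql);

    // query() returns true, not a result object, for statements that produce
    // no result set; calling fetch_assoc() on that would be a fatal error.
    if (!is_object($result)) {
        return null;
    }

    return $result->fetch_assoc();
}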
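/**
 * Run a raw SQL statement and return the first column of every row.
 *
 * The SQL string is handed to query() exactly as given; nothing is bound or
 * escaped here, so it must never be assembled from request data.
 *
 * @param mysqli $mysqli Active connection
 * @param string $sql    Complete SQL statement
 * @return array List holding column 0 of each row; empty when the query
 *               fails or yields no result set
 */
function db_get_col($mysqli, $sql) {
    $result = $mysqli->query($sql);

    // query() returns true, not a result object, for statements that produce
    // no result set; calling fetch_row() on that would be a fatal error.
    if (!is_object($result)) {
        return [];
    }

    $col = [];
    // fetch_row() yields a numerically indexed row until the set is exhausted
    while ($row = $result->fetch_row()) {
        $col[] = $row[0];
    }

    return $col;
}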
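/**
 * Update rows of one table through a prepared statement.
 *
 * Values from $data and $where are bound as parameters. Table and column
 * names cannot be bound, so they are written into the SQL text as
 * backtick-quoted identifiers. Quoting keeps a name from ending the
 * identifier early, but it does not check that the name is one the caller is
 * allowed to touch: take the table name and the array keys from a fixed list
 * in code, not from request data.
 *
 * A null value in $where binds NULL, and `col = NULL` matches no row in SQL.
 *
 * @param mysqli $mysqli Active connection
 * @param string $table  Table name
 * @param array  $data   Column name => new value
 * @param array  $where  Column name => required value, joined with AND
 * @return int Value of the statement's affected_rows after execute()
 * @throws InvalidArgumentException When $data or $where is empty
 * @throws RuntimeException         When the statement cannot be prepared
 */
function db_update($mysqli, $table, $data, $where) {
    // Either case would produce malformed SQL ("SET  WHERE ..." / "... WHERE ")
    // and an UPDATE with no row filter must never be sent by accident.
    if (empty($data) || empty($where)) {
        throw new InvalidArgumentException('db_update: $data and $where must not be empty');
    }

    // A backtick inside a name would close the quoted identifier; doubling it
    // is how MySQL represents a literal backtick inside one.
    $quote = static fn($name) => '`' . str_replace('`', '``', (string) $name) . '`';

    $set = [];
    $params = [];
    foreach ($data as $col => $val) {
        $set[] = $quote($col) . ' = ?';
        $params[] = $val;
    }

    $cond = [];
    foreach ($where as $col => $val) {
        $cond[] = $quote($col) . ' = ?';
        $params[] = $val;
    }

    $sql = 'UPDATE ' . $quote($table)
        . ' SET ' . implode(', ', $set)
        . ' WHERE ' . implode(' AND ', $cond);

    $stmt = $mysqli->prepare($sql);
    if (!$stmt) {
        // prepare() returns false when error reporting is not in exception
        // mode; the SQL text is kept out of the message on purpose.
        throw new RuntimeException('db_update: could not prepare statement');
    }

    // Every value is bound as a string ("s")
    $types = str_repeat('s', count($params));
    $stmt->bind_param($types, ...$params);

    $stmt->execute();

    return $stmt->affected_rows;
}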
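/**
 * Delete rows of one table through a prepared statement.
 *
 * Values from $where are bound as parameters. Table and column names cannot
 * be bound, so they are written into the SQL text as backtick-quoted
 * identifiers. Quoting keeps a name from ending the identifier early, but it
 * does not check that the name is one the caller is allowed to touch: take
 * the table name and the array keys from a fixed list in code, not from
 * request data.
 *
 * A null value in $where binds NULL, and `col = NULL` matches no row in SQL.
 *
 * @param mysqli $mysqli Active connection
 * @param string $table  Table name
 * @param array  $where  Column name => required value, joined with AND
 * @return void
 * @throws InvalidArgumentException When $where is empty
 * @throws RuntimeException         When the statement cannot be prepared
 */
function db_delete($mysqli, $table, $where) {
    // An empty filter would produce malformed SQL ("... WHERE "), and a
    // DELETE with no row filter must never be sent by accident.
    if (empty($where)) {
        throw new InvalidArgumentException('db_delete: $where must not be empty');
    }

    // A backtick inside a name would close the quoted identifier; doubling it
    // is how MySQL represents a literal backtick inside one.
    $quote = static fn($name) => '`' . str_replace('`', '``', (string) $name) . '`';

    $params = [];
    $cond = [];
    foreach ($where as $col => $val) {
        $cond[] = $quote($col) . ' = ?';
        $params[] = $val;
    }

    $sql = 'DELETE FROM ' . $quote($table) . ' WHERE ' . implode(' AND ', $cond);

    $stmt = $mysqli->prepare($sql);
    if (!$stmt) {
        // prepare() returns false when error reporting is not in exception
        // mode; the SQL text is kept out of the message on purpose.
        throw new RuntimeException('db_delete: could not prepare statement');
    }

    // Every value is bound as a string ("s")
    $types = str_repeat('s', count($params));
    $stmt->bind_param($types, ...$params);

    $stmt->execute();
}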
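/**
 * Select rows from a table with mysqli, binding values through a prepared
 * statement.
 *
 * Only the entries of $params are bound. Everything else becomes part of the
 * SQL text: $table and array-form $columns are backtick-quoted, while a
 * string $columns, $where, $order and $limit are inserted exactly as given.
 * Those four must be written by the caller (with "?" placeholders for
 * values) and must never carry request data.
 *
 * @param mysqli       $mysqli  The active mysqli connection
 * @param string       $table   Table name
 * @param array|string $columns Array of column names OR "*" for all columns
 * @param string|null  $where   Optional WHERE clause (without the "WHERE")
 * @param array        $params  Parameters for prepared statement (values only)
 * @param string|null  $order   Optional ORDER BY (e.g. "id DESC")
 * @param string|null  $limit   Optional LIMIT (e.g. "10", "0,20")
 * @return array Array of associative rows; empty when the statement cannot
 *               be prepared or produces no result
 */
function db_select($mysqli, $table, $columns = "*", $where = null, $params = [], $order = null, $limit = null) {
    // A backtick inside a name would close the quoted identifier; doubling it
    // is how MySQL represents a literal backtick inside one.
    $quote = static fn($name) => '`' . str_replace('`', '``', (string) $name) . '`';

    // Convert array of columns into a quoted, comma-separated list
    if (is_array($columns)) {
        $columns = implode(', ', array_map($quote, $columns));
    }

    $sql = "SELECT $columns FROM " . $quote($table);

    // "0" and 0 are falsy in PHP but meaningful here: a plain truthiness test
    // would drop "WHERE 0" / "LIMIT 0" and return every row instead of none.
    if ($where || $where === '0' || $where === 0) {
        $sql .= " WHERE $where";
    }
    if ($order) {
        $sql .= " ORDER BY $order";
    }
    if ($limit || $limit === '0' || $limit === 0) {
        $sql .= " LIMIT $limit";
    }

    $stmt = $mysqli->prepare($sql);

    if (!$stmt) {
        return []; // or throw exception
    }

    // Bind params if there are any
    if (!empty($params)) {
        $types = str_repeat('s', count($params)); // simple: treat everything as string
        $stmt->bind_param($types, ...$params);
    }

    $stmt->execute();
    $result = $stmt->get_result();

    if (!$result) {
        return [];
    }

    return $result->fetch_all(MYSQLI_ASSOC);
}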
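/**
 * Run a prepared statement and return the first column of its first row.
 *
 * Entries of $params are bound to the "?" placeholders in $sql, all as
 * strings. The SQL text itself is used as given, so values belong in
 * $params, not in the string.
 *
 * @param mysqli $mysqli Active connection
 * @param string $sql    SQL statement with "?" placeholders
 * @param array  $params Values for the placeholders, in order
 * @return mixed The fetched value; null when the statement cannot be
 *               prepared or no row is fetched
 */
function db_get_var($mysqli, $sql, $params = []) {
    $stmt = $mysqli->prepare($sql);

    // prepare() returns false on failure when error reporting is not in
    // exception mode; calling methods on that would be a fatal error.
    if (!$stmt) {
        return null;
    }

    if (!empty($params)) {
        $types = str_repeat('s', count($params));
        $stmt->bind_param($types, ...$params);
    }

    $stmt->execute();

    // Start from a defined value so a fetch that delivers no row yields null
    $value = null;
    $stmt->bind_result($value);
    $stmt->fetch();
    $stmt->close();

    return $value;
}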