I have the functional code below, but I could not understand well how to implement Prepared Statements in this code/class. After research on the subject and some attempts, as I understand it, it is simple. Can someone give me a light?
    class Model {
        protected $db;
        public function __construct(){
            $this->db = new PDO('mysql:host=xxxxxxxx;dbname=xxxxxxxx', 'xxxxxxxx', 'xxxxxxxx');
            $this->db->exec("set names utf8");
        }
        public function insert(Array $dados){
            $campos = implode(", ", array_keys($dados));
            $valores = "'".implode("','", array_values($dados))."'";
            return $this->db->query("INSERT INTO `{$this->_tabela}` ({$campos}) VALUES ({$valores})");
        }
        public function read($where = NULL, $limit = NULL, $offset = NULL, $orderby = NULL){
            $where = ($where != NULL ? "WHERE {$where}" : "");
            $limit = ($limit != NULL ? "LIMIT {$limit}" : "");
            $offset = ($offset != NULL ? "OFFSET {$offset}" : "");
            $orderby = ($orderby != NULL ? "ORDER BY {$orderby}" : "");
            $q = $this->db->query("SELECT * FROM `{$this->_tabela}` {$where} {$orderby} {$limit} {$offset}");
            $q->setFetchMode(PDO::FETCH_ASSOC);
            return $q->fetchAll();
        }
        public function update(Array $dados, $where){
            foreach($dados as $ind => $val){
                $campos[] = "{$ind} = '{$val}'";
            }
            $campos = implode(", ", $campos);
            return $this->db->query("UPDATE `{$this->_tabela}` SET {$campos} WHERE {$where}");
        }
        public function delete($where){
            return $this->db->query("DELETE FROM `{$this->_tabela}` WHERE {$where}");
        }
    }
Hello, this link is the light for Prepared Statements: http://php.net/manual/en/pdo.prepared-statements.php
– Lucas Burg
What is the specific doubt? Does that help with anything?
– rray
It helped a little more to understand. It seems that I would like it to be done for me (laughs), but actually that is not it. It is that after the implementation I still need the functions to return the same value in the same pattern, otherwise I would have to change my entire controller (MVC). Could you give me an example of what it would look like afterwards, at least for public function delete($where)? I believe this would be the light....
– Thyago ThySofT
All that was missing was the attribute:
private $tabela;
– Ivan Ferrer
$conexao = new Model();
$conexao->insert(['campo'=>'valor']);
– Ivan Ferrer
@Ivanferrer the functions and calls are OK. Everything works as always; my difficulty is in converting these functions to Prepared Statements, because as far as I understand from my research, the calls are different, not to mention that where, for example, the associative fetch is returned, it cannot return a different object, otherwise the rest of the system will all have to be changed. Summarizing, I need to keep this script with the same essence and results but using Prepared Statements. I'm having difficulties and maybe I'm not even explaining it well.... I appreciate your attention...
– Thyago ThySofT
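An added example, not part of the original question or comments: one way to move insert(), read() and delete() to prepared statements while keeping their return values (a PDOStatement, and an array of associative rows from read()). The table name "clientes", the run() and ident() helpers, the optional $params argument and the in-memory SQLite connection (used so the script runs without a MySQL server) are assumptions for illustration.

```php
<?php
// Added example (not the asker's code). Assumptions: hypothetical table
// "clientes", helper methods run() and ident(), and an in-memory SQLite
// database standing in for the MySQL DSN so the script runs offline.
class Model {
    protected $db;
    protected $_tabela = 'clientes';

    public function __construct(PDO $db) {
        $this->db = $db;
        $this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    }
    // Identifiers cannot be bound as parameters, so accept only plain names.
    private function ident($name) {
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name)) {
            throw new InvalidArgumentException("Invalid identifier: {$name}");
        }
        return "`{$name}`";
    }
    // prepare + execute; returns a PDOStatement, as query() did before.
    private function run($sql, array $params = []) {
        $stmt = $this->db->prepare($sql);
        $stmt->execute(array_values($params));
        return $stmt;
    }
    public function insert(array $dados) {
        $campos = implode(', ', array_map([$this, 'ident'], array_keys($dados)));
        $marks  = implode(', ', array_fill(0, count($dados), '?'));
        return $this->run("INSERT INTO {$this->ident($this->_tabela)} ({$campos}) VALUES ({$marks})", $dados);
    }
    // $where now carries "?" placeholders; the values travel separately in $params.
    public function read($where = null, array $params = []) {
        $where = ($where !== null ? "WHERE {$where}" : '');
        return $this->run("SELECT * FROM {$this->ident($this->_tabela)} {$where}", $params)
                    ->fetchAll(PDO::FETCH_ASSOC); // same array-of-rows shape as before
    }
    public function delete($where, array $params = []) {
        return $this->run("DELETE FROM {$this->ident($this->_tabela)} WHERE {$where}", $params);
    }
}

$pdo = new PDO('sqlite::memory:');
$pdo->exec('CREATE TABLE clientes (id INTEGER PRIMARY KEY, nome TEXT)');
$m = new Model($pdo);
$m->insert(['nome' => "O'Brien"]);            // constructed value: the quote stays data
$m->insert(['nome' => "x' OR '1'='1"]);       // constructed value shaped like SQL
$m->delete('nome = ?', ["x' OR '1'='1"]);     // bound value is compared literally
var_dump($m->read('nome = ?', ["O'Brien"]));  // lookup with a bound value
```

Existing calls such as delete("id = 5") keep working because $params is optional, but only values passed through $params are bound; anything still concatenated into $where remains raw SQL.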