I do not know the original to write in the essay.
All right, the first blog post.
There are three of classes:
1. Filter input (Lightweight)
Class Input_filter
Responsible for the filtering of parameters such as $_get,$_post
The return value type is an array and is used as a parameter to the Made_sql class
2. Convert to SQL statement
Class Made_sql
The type of the parameter is the array and the table name (string), the key name of the array is the column name of the table, and the value is the insertion value
The return value type is a string and is used as a parameter to the MySQL->query method
3. Database queries
Class MySQL
Using a single-column mode, the static method to obtain the object, see the role of the instanceof operator
Copy CodeThe code is as follows:
Class Input_filter
{
Private $input _all; The array to filter
Private $rustle; Filtered Results
Constructor arguments can be $_get or $_post these
Public function __construct ($input _c)
{
if (Is_array ($input _c))
$this->input_all = $input _c;
Else
Echo ' Parameter is not valid ';
Initialize, otherwise the first merge array after PHP does not know what this type is
$this->rustle = Array ();
}
Private Function Filter_arr ()//main function
{
foreach ($this->input_all as $key _input = $val _input)
{
If the key name is not a string, then an error message is returned
For key
if (!is_string ($key _input))//Error
{
Echo ' This key was not string ';
return false;
}
The # is MySQL Note.
$key _one = str_replace (' # ', ' ', $key _input);
$key = Htmlspecialchars ($key _one,ent_quotes, ' UTF-8 ');
I'm not looking for the HTML escape character for #, so empty instead
$val _one = str_replace (' # ', ' ', $val _input);
This function only translates < > ' ", and a similar function escapes all symbols
$val = Htmlspecialchars ($val _one,ent_quotes, ' UTF-8 ');
Merger
$rustle _one = Array ($key = = $val);
Merging arrays
$this->rustle = Array_merge ($this->rustle, $rustle _one);
}
}
This function is a bit redundant, leaving it for later expansion
Public Function Get_filter_rustle ()
{
$this->filter_arr ();
return $this->rustle;
}
}
Call Method:
Copy CodeThe code is as follows:
$filter = new Filter_input ($_get); or $_post
$input _data = $filter->get_filter ();
Convert to SQL statement:
Copy CodeThe code is as follows:
Class Madesql
{
Private $Cnow _ary; Type array parameters passed in
Private $Cname _str;
Private $insert _sql; The final SQL statement, String type
Public function __construct ($Cary, $Cname)
{
Checks if the incoming parameter type is an array
if (! Is_array ($Cary))
return false;
Else
$this->cnow_ary = $Cary; The value to write
$this->cname_str = $Cname; database table name
25}
Private Function SetSQL ()//main function, production SQL statement
{
foreach ($this->cnow_ary as $key _ary = $val _ary)
{
$cols _sql = $cols _sql. ', '. $key _ary; Column name combination
$vals _sql = $vals _sql. ', \ '. $val _ary. ' \'' ; Value Combinations
}
Because the previous foreach algorithm is a bit problematic, the first character is a comma
So delete with Sunstr_replace (), starting from the first (0), replacing only one character (1)
$cols _sql = Substr_replace ($vals _sql, ", 0, 1);
$vals _sql = Substr_replace ($vals _sql, ", 0, 1);
$this->insert_sql =
' INSERT into '. $this->cname_str. ' ('
. $cols _sql. ') VALUES ('. $vals _sql. ') '; Statement forming
}
Expansion with
Public Function GetSQL ()
{
$this->setsql ();
return $this->insert_sql;
}
}
3. Database queries
A database query class is a single-column pattern on a reference book (using static methods to obtain an object, so that only one instance of a database query class is in a script)
I think it's a bit of a use of a singleton pattern for this class.
Copy CodeThe code is as follows:
Class MySQL
{
Private $connect;
Static $objectMysql; Storing objects
Private Function __construct () 7 {
This constructor is called when the object is created, and is used to initialize the
$connect = mysql_connect (' DB address ', ' password ', ' dbname ');
$this->db = mysql_select_db (' db ', $connect);
}
public static function Mysql_object ()
{
The instanceof operator is used to check whether an object belongs to an instance of a class or interface. What I'm saying is not very normative ...
If $objectmysql is not an instance of MySQL (self), create a
if (! Self:: $objectMysql instanceof Self)
Self:: $objectMysql = new MySQL ();
This time the $objectmysql is already an object
Return self:: $objectMysql;
}
Public Function query ($sql)
{
Return mysql_query ($sql, $this->db);
}
}
All right, summarize how to use
Copy CodeThe code is as follows:
$filter = new Filter_input ($_get); or $_post
$input _data = $filter->get_filter ();
$MADESQL = new Madesql ($input _data, ' tableName ');
$sql = $madeSql->getsql ();
$mysql = Mysql::mysql_object ();
if ($mysql->query ($sql))
Echo ' Ok ';
Else
echo ' failure ';
Only these lines of code are required to complete the operation of writing to the database.
In addition to the private public issues of the constructor, the MySQL singleton pattern in the book constructor is declared in order to private, and there is no singleton pattern of the class so it will produce a compilation error, that PHP can not create an object, checked the next.
The reason is that creating objects is often done outside the class, which creates an issue where constructors cannot be accessed. The single-column mode creates objects in its own class, so there is no limit to accessing private methods.
The singleton pattern was originally thought to prevent the creation of the same object, and now it seems that the singleton pattern can encapsulate the constructor, which does improve security
The result of the Filter_input class can be used directly as a parameter to the Madesql class if:
The name of the form must be the same as the column name of the database, otherwise you will see so much white
http://www.bkjia.com/PHPjc/324106.html www.bkjia.com true http://www.bkjia.com/PHPjc/324106.html techarticle I do not know the original to write in the essay. All right, the first blog post. There are three classes: 1. Filter input (Lightweight) class Input_filter is responsible for parameters such as $_get,$_post these filters ...
