Helper Functions for Database Queries

To submit secure queries to the database, we created some helper functions: db_insert, db_update and db_delete.

To call these functions in your class methods, follow these patterns:

$this->CLASS['db']->db_insert($table, $array);
$this->CLASS['db']->db_update($table, $array, $whereclause);
$this->CLASS['db']->db_delete($table, $whereclause); 

These patterns also show the available parameters. $table is a placeholder for your database table. Replace $whereclause with a clause that specifies the affected rows. For example:

$this->CLASS['db']->db_delete("my_table","id=3 AND content='test'");

The remaining parameter, $array, holds the list of columns in your table. Here is how to set one up for a table with the columns "id", "content" and "price":

$myarray = array(
	"id" => array(
		"value" => 0,
		"type" => "integer",
	),
	"content" => array(
		"value" => "my content",
		"type" => "string",
	),
	"price" => array(
		"value" => 44.30,
		"type" => "float",
		"format" => "%01.2f",
	),
);

Such a structure is then passed in a call to db_insert or db_update. The keys on the first level of this array are the names of the columns in your table.

Every column requires a description consisting of value, type and format, where format is optional. "value" contains the value of this column. "type" describes the type of this column. The helper function checks the type internally. Possible types are: string, integer and float.

In addition, you can define a format that controls how a value is rendered if the default is inadequate, as for prices, times, etc. The format is passed internally to the PHP function sprintf; see its documentation for details on the format string.

This should now enable you to perform secure queries to your database.
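
The type check described above applies to $array; $whereclause is handed over as a ready-made string. The following added example, which is not part of the helper functions or the project's code, builds that string from the same value/type descriptions so that request data is checked before it reaches the clause. build_where() is a hypothetical name, and because this page names no database driver, strings are limited to a fixed character set rather than escaped.

```php
<?php
// Hypothetical helper (not part of the documented db class): builds a
// $whereclause string from the same value/type descriptions used for $array.
function build_where(array $conditions)
{
    if (count($conditions) === 0) {
        // An empty clause could match every row in db_update/db_delete.
        throw new InvalidArgumentException('empty where clause');
    }
    $parts = array();
    foreach ($conditions as $column => $desc) {
        if (!preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $column)) {
            throw new InvalidArgumentException('bad column name');
        }
        $value = $desc['value'];
        if ($desc['type'] === 'integer'
            && filter_var($value, FILTER_VALIDATE_INT) !== false) {
            $parts[] = $column . '=' . (int) $value;
        } elseif ($desc['type'] === 'float'
            && filter_var($value, FILTER_VALIDATE_FLOAT) !== false) {
            $parts[] = $column . '=' . sprintf('%F', (float) $value);
        } elseif ($desc['type'] === 'string' && is_string($value)
            && preg_match('/\A[A-Za-z0-9 _.-]*\z/', $value)) {
            // Assumption: the page names no database driver, so strings are
            // restricted to a conservative character set instead of escaped.
            $parts[] = $column . "='" . $value . "'";
        } else {
            throw new InvalidArgumentException("$column: value does not match type");
        }
    }
    return implode(' AND ', $parts);
}

// Constructed sample input standing in for request data.
$input = array('id' => '3', 'content' => 'test');
$where = build_where(array(
    'id'      => array('value' => $input['id'], 'type' => 'integer'),
    'content' => array('value' => $input['content'], 'type' => 'string'),
));
echo $where, "\n";
// Inside a class method: $this->CLASS['db']->db_delete("my_table", $where);

try {
    // A value that is not a plain integer is rejected, not interpolated.
    build_where(array('id' => array('value' => '3 OR 1=1', 'type' => 'integer')));
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```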
 

last change: 06.12.2006