xpressengine /
xe-core
| @@ 109-164 (lines=56) @@ | ||
| 106 | * @param resource $connection |
|
| 107 | * @return resource |
|
| 108 | */ |
|
| 109 | function __query($query, $connection) |
|
| 110 | { |
|
| 111 | if($this->use_prepared_statements == 'Y') |
|
| 112 | { |
|
| 113 | // 1. Prepare query |
|
| 114 | $stmt = mysqli_prepare($connection, $query); |
|
| 115 | if($stmt) |
|
| 116 | { |
|
| 117 | $types = ''; |
|
| 118 | $params = array(); |
|
| 119 | $this->_prepareQueryParameters($types, $params); |
|
| 120 | ||
| 121 | if(!empty($params)) |
|
| 122 | { |
|
| 123 | $args[0] = $stmt; |
|
| 124 | $args[1] = $types; |
|
| 125 | ||
| 126 | $i = 2; |
|
| 127 | foreach($params as $key => $param) |
|
| 128 | { |
|
| 129 | $copy[$key] = $param; |
|
| 130 | $args[$i++] = &$copy[$key]; |
|
| 131 | } |
|
| 132 | ||
| 133 | // 2. Bind parameters |
|
| 134 | $status = call_user_func_array('mysqli_stmt_bind_param', $args); |
|
| 135 | if(!$status) |
|
| 136 | { |
|
| 137 | $this->setError(-1, "Invalid arguments: $query" . mysqli_error($connection) . PHP_EOL . print_r($args, true)); |
|
| 138 | } |
|
| 139 | } |
|
| 140 | ||
| 141 | // 3. Execute query |
|
| 142 | $status = mysqli_stmt_execute($stmt); |
|
| 143 | ||
| 144 | if(!$status) |
|
| 145 | { |
|
| 146 | $this->setError(-1, "Prepared statement failed: $query" . mysqli_error($connection) . PHP_EOL . print_r($args, true)); |
|
| 147 | } |
|
| 148 | ||
| 149 | // Return stmt for other processing - like retrieving resultset (_fetch) |
|
| 150 | return $stmt; |
|
| 151 | // mysqli_stmt_close($stmt); |
|
| 152 | } |
|
| 153 | } |
|
| 154 | // Run the query statement |
|
| 155 | $result = mysqli_query($connection, $query); |
|
| 156 | // Error Check |
|
| 157 | $error = mysqli_error($connection); |
|
| 158 | if($error) |
|
| 159 | { |
|
| 160 | $this->setError(mysqli_errno($connection), $error); |
|
| 161 | } |
|
| 162 | // Return result |
|
| 163 | return $result; |
|
| 164 | } |
|
| 165 | ||
| 166 | /** |
|
| 167 | * Before execute query, prepare statement |
|
| @@ 167-222 (lines=56) @@ | ||
| 164 | * @param resource $connection |
|
| 165 | * @return resource |
|
| 166 | */ |
|
| 167 | function __query($query, $connection) |
|
| 168 | { |
|
| 169 | if($this->use_prepared_statements == 'Y') |
|
| 170 | { |
|
| 171 | // 1. Prepare query |
|
| 172 | $stmt = mysqli_prepare($connection, $query); |
|
| 173 | if($stmt) |
|
| 174 | { |
|
| 175 | $types = ''; |
|
| 176 | $params = array(); |
|
| 177 | $this->_prepareQueryParameters($types, $params); |
|
| 178 | ||
| 179 | if(!empty($params)) |
|
| 180 | { |
|
| 181 | $args[0] = $stmt; |
|
| 182 | $args[1] = $types; |
|
| 183 | ||
| 184 | $i = 2; |
|
| 185 | foreach($params as $key => $param) |
|
| 186 | { |
|
| 187 | $copy[$key] = $param; |
|
| 188 | $args[$i++] = &$copy[$key]; |
|
| 189 | } |
|
| 190 | ||
| 191 | // 2. Bind parameters |
|
| 192 | $status = call_user_func_array('mysqli_stmt_bind_param', $args); |
|
| 193 | if(!$status) |
|
| 194 | { |
|
| 195 | $this->setError(-1, "Invalid arguments: $query" . mysqli_error($connection) . PHP_EOL . print_r($args, true)); |
|
| 196 | } |
|
| 197 | } |
|
| 198 | ||
| 199 | // 3. Execute query |
|
| 200 | $status = mysqli_stmt_execute($stmt); |
|
| 201 | ||
| 202 | if(!$status) |
|
| 203 | { |
|
| 204 | $this->setError(-1, "Prepared statement failed: $query" . mysqli_error($connection) . PHP_EOL . print_r($args, true)); |
|
| 205 | } |
|
| 206 | ||
| 207 | // Return stmt for other processing - like retrieving resultset (_fetch) |
|
| 208 | return $stmt; |
|
| 209 | // mysqli_stmt_close($stmt); |
|
| 210 | } |
|
| 211 | } |
|
| 212 | // Run the query statement |
|
| 213 | $result = mysqli_query($connection, $query); |
|
| 214 | // Error Check |
|
| 215 | $error = mysqli_error($connection); |
|
| 216 | if($error) |
|
| 217 | { |
|
| 218 | $this->setError(mysqli_errno($connection), $error); |
|
| 219 | } |
|
| 220 | // Return result |
|
| 221 | return $result; |
|
| 222 | } |
|
| 223 | ||
| 224 | /** |
|
| 225 | * Before execute query, prepare statement |
|
