Hi I am a newbie in PHP I heard that there is a way on how to simplify your php query code :)
First I want to simplify insert:
I have a query mysql_query("insert into table (sample) values ('$sample')"); I want to simplify it like a formula you just enter the table and the values just it. so that whenever I query I will not type mysql_query blah blah blah
Next Selecting data on database. Like mysql_query(select * from account where contatc='$contatc') I want to simplify it or just make a formula whenever I will query it I will not type anymore.
I also read that in order to make it I will use functions Thanks in advance
This is an example on selecting data
function check($value, $where, $database) {
//foreach($field_arr as $value);
$q=sprintf("SELECT `".$value."` FROM `".$database."` WHERE ".$where."");
if(! $data=mysql_query($q)){
return FALSE;
}
else {
return mysql_num_rows($data);
}
}
Below are the functions to perform database operations
## Connect to Server ##
function connect($server="",$user="", $pass="")
{
$conn = mysql_pconnect($server,$user,$pass);
if(!$conn) {
echo "Connection attempt failed"." Error No:".mysql_errno()."<br>Error Message : ". mysql_error();
}
return true;
}
## Select Database for table operation ##
function selectDatabase($dbase)
{
global $conn;
if(empty($conn)) { echo "Connection not found"; }
if(!mysql_select_db($dbase, $conn)) {
echo "Dbase Select failed"." Error No:".mysql_errno()."<br>Error Message : ". mysql_error();
}
}
## Execute Select Query
function select ($sql="", $fetch = "mysql_fetch_assoc")
{
global $conn;
if(empty($sql)) { echo "Select Query not found"; }
if(empty($conn)) { echo "Connection not found";}
$results = @mysql_query($sql,$conn);
if(!$results) {
echo "Error in Query : ".$sql."<br>".mysql_errno()." : ". mysql_error();
}
$data = array();
while ($row = $fetch($results))
{
$data[] = $row;
}
mysql_free_result($results);
return $data;
}
## Execute Insert Query
function insert ($sql="")
{
global $conn;
if(empty($sql)) { echo "Insert query not found"; }
if(empty($conn)
{
echo "Connection not found";
}
$results = mysql_query($sql,$conn);
if(!$results)
{
echo "Error in Query : ".$sql."<br>".mysql_errno()." : ". mysql_error();
}
$id = mysql_insert_id();
If($id)
return $id;
else
return 1;
}
## Execute Update / Delete / mulitple insert query
function execute($sql="")
{
global $conn;
if(empty($sql)) { echo "Query not found"; }
if(empty($conn))
{
echo "Connection not found";
}
$results = mysql_query($sql,$conn);
if(!$results)
{
echo "Error in Query : ".$sql."<br>".mysql_errno()." : ". mysql_error();
}
$rows = 0;
$rows = mysql_affected_rows();
if($rows==0) return 1;
return $rows;
}
Beware with your code. With this code, it's really easy to add SQL injection to it. And you have another problem: you are using the mysql_* extensions, which are totally deprecated (they will be removed in the next main release of PHP).
My advice is: