<?php
// Generic database query wrapper that reports failures together with the
// caller's location.
//
// $query is handed to mysql_query() exactly as received, so this wrapper
// cannot make a query safe. Any request-derived value must be validated
// (pecl/filter) or escaped (mysql_real_escape_string()) by the caller before
// it is placed into the SQL text.
//
// $file, $line, $class and $function describe the call site and are only
// used to build the failure message. That message also contains the full
// query text, so it should go to the error log rather than to the page
// (display_errors off outside development).
//
// Returns whatever mysql_query() returned. With PHP's default error handling
// E_USER_ERROR stops the script, so the final return after a failure is only
// reached when a custom error handler lets execution continue.
//
// NOTE(review): the mysql_* functions were removed in PHP 7.0; this block
// only runs on older interpreters.
function query_wrapper($query, $file, $line, $class, $function)
{
    $result = mysql_query($query);
    if ($result) {
        return $result;
    }

    // Prefix the function name with "Class::" only when a class name was given.
    $scope = $class ? "{$class}::" : '';

    // The line break inside the literal is part of the emitted message.
    $message = "Failed executing query '{$query}' on {$file}:{$line}
inside " . $scope . "{$function}()";
    trigger_error($message, E_USER_ERROR);

    return $result;
}
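// Fetch a message row based on a numeric identifier.
//
// $id typically comes straight from the request (foo() passes $_GET['id']),
// and the query is built by string concatenation, so the value is validated
// as an integer first. Anything that is not an integer (other text, an array,
// a missing value) is rejected before any SQL is built.
//
// $file, $line, $class and $function identify the call site and are forwarded
// to query_wrapper() for its failure message.
//
// Returns the value of fetch_object_wrapper() for the query result, or false
// when $id is not an integer.
//
// NOTE(review): ext/mysql has no bound parameters; if this code moves to
// mysqli or PDO, bind the id as a parameter instead of concatenating it.
function get_message($id, $file, $line, $class, $function)
{
    // filter_var() returns the integer on success and false on failure;
    // compare strictly because 0 is a valid integer.
    $messageId = filter_var($id, FILTER_VALIDATE_INT);
    if ($messageId === false) {
        // The rejected value is deliberately left out of the message so that
        // request-controlled text is not echoed into error output.
        trigger_error("Rejected non-integer message id on {$file}:{$line}", E_USER_WARNING);
        return false;
    }

    $result = query_wrapper("SELECT * FROM msg WHERE id=" . $messageId, $file, $line, $class, $function);

    return fetch_object_wrapper($result);
}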
// Main code: look up the message whose id was supplied in the query string.
//
// $_GET['id'] is request-controlled and is passed on unmodified; it ends up in
// the SQL text built by get_message(), so it has to be validated as an integer
// before it reaches the query.
function foo()
{
    $requestedId = $_GET['id'];

    // The magic constants record this call site for error reporting.
    // __CLASS__ is an empty string here because foo() is not a method.
    $message = get_message($requestedId, __FILE__, __LINE__, __CLASS__, __FUNCTION__);
}

foo();
?>