Commit 2a19a70c authored by Josh Campbell's avatar Josh Campbell

Merge pull request #5 from rittme/patch-1

Update MysqliDb.php
parents ac3330d3 bb1258b7
...@@ -234,6 +234,17 @@ class MysqliDB { ...@@ -234,6 +234,17 @@ class MysqliDB {
return $this->_mysqli->insert_id; return $this->_mysqli->insert_id;
} }
/**
* Escape harmful characters which might affect a query.
*
* @param string $str The string to escape.
* @return string The escaped string.
*/
public function escape ( $str )
{
return $this->_mysqli->real_escape_string ( $str );
}
/** /**
* This method is needed for prepared statements. They require * This method is needed for prepared statements. They require
* the data type of the field to be bound with "i" s", etc. * the data type of the field to be bound with "i" s", etc.
...@@ -389,11 +400,13 @@ class MysqliDB { ...@@ -389,11 +400,13 @@ class MysqliDB {
$meta = $stmt->result_metadata(); $meta = $stmt->result_metadata();
$row = array();
while ($field = $meta->fetch_field()) { while ($field = $meta->fetch_field()) {
array_push($parameters, $row[$field->name]); $row[$field->name] = NULL;
$parameters[] = &$row[$field->name];
} }
call_user_func_array(array($stmt, "bind_result"),$this->refValues($parameters)); call_user_func_array(array($stmt, "bind_result"),$parameters);
while ($stmt->fetch()) { while ($stmt->fetch()) {
$x = array(); $x = array();
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment