Commit bb1258b7 authored by Bernardo Rittmeyer's avatar Bernardo Rittmeyer

Update MysqliDb.php

escape(String) added
_dynamicBindResults() bug solved.
parent ac3330d3
......@@ -234,6 +234,17 @@ class MysqliDB {
return $this->_mysqli->insert_id;
}
/**
* Escape harmful characters which might affect a query.
*
* @param string $str The string to escape.
* @return string The escaped string.
*/
public function escape ( $str )
{
return $this->_mysqli->real_escape_string ( $str );
}
/**
* This method is needed for prepared statements. They require
* the data type of the field to be bound with "i" s", etc.
......@@ -389,11 +400,13 @@ class MysqliDB {
$meta = $stmt->result_metadata();
$row = array();
while ($field = $meta->fetch_field()) {
array_push($parameters, $row[$field->name]);
$row[$field->name] = NULL;
$parameters[] = &$row[$field->name];
}
call_user_func_array(array($stmt, "bind_result"),$this->refValues($parameters));
call_user_func_array(array($stmt, "bind_result"),$parameters);
while ($stmt->fetch()) {
$x = array();
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment