|
|
Posted by muldoonaz on 09/08/05 00:51
ZeldorBlat wrote:
> Ahh, *those* curly brackets are a little different. prepareSQL() is
> not a built in PHP function, so I can't say for sure what it does.
>
> Based on your example, I would guess that it does something like
> substitute the values passed as the second parameter (the array) into
> the string passed as the first parameter ($sqlQuery) where the
> parameters in the original string are refered to by {i} where i is
> their index in the array.
>
> I'd also venture a guess that your "return preg_replace..." code comes
> from prepareSQL(). Without seeing the rest of the function, it looks
> like that call preg_replace() is what does the actual replacement of
> the variables.
>
> So, in short, those {1}, {2}, etc. are *not* the same as the curly
> braces described at http://www.php.net/strings
>
here's the function (taken off the website he quoted):
<?php
function prepareSQL($queryString, $paramArr) {
foreach (array_keys($paramArr) as $paramName) {
if (is_int($paramArr[$paramName])) {
$paramArr[$paramName] = (int)$paramArr[$paramName];
}
elseif (is_numeric($paramArr[$paramName])) {
$paramArr[$paramName] = (float)$paramArr[$paramName];
}
elseif (($paramArr[$paramName] != 'NULL') and
($paramArr[$paramName] != 'NOT NULL')) {
$paramArr[$paramName] =
mysql_real_escape_string(stripslashes($paramArr[$paramName]));
$paramArr[$paramName] = '\''.$paramArr[$paramName].'\'';
}
}
return preg_replace('/\{(.*?)\}/ei','$paramArr[\'$1\']', $queryString);
}
[Back to original message]
|