<?
require_once("class.sql.php");
//sample data
$data = array(
'username' => 'my name' ,
'password' => '123456' ,
'email' => '[email protected]' ,
'other' => 'other data'
);
$injection = <<< EOF
" ' " ' " ' " ' " ' " ' " '''''' " ' OR something
EOF;
$sqls = <<< EOF
INSERT INTO users (username,password) ('test' , 'test');
INSERT INTO users (username,password) ('test1' , 'test1');
INSERT INTO users (username,password) ('test2' , 'test2');
INSERT INTO users (username,password) ('test3' , 'test3');
INSERT INTO users (username,password) ('test4' , 'test4');
INSERT INTO users (username,password) ('test5' , 'test5');
UPDATE users SET something = `somewhere` WHERE `wack` = `capcap`;
UPDATE users SET something = `somewhere` WHERE `wack` = `capcap`;
EOF;
$sql_file = "test.sql";
?>
<html>
<head>
<style>
PRE {
border: 1px outset;
padding-top: 10px;
padding-bottom: 10px;
padding-left: 5px;
}
BODY
{
font-family: tahoma;
font-size: 13px;
}
</style>
</head>
<body>
<b>SQL Generator</b> is a simple class , created by <a href="mailto:[email protected]?Subject=SQL Generator">Quoc Bao</a> , help you to create query easier .<br>
It's very cool to combine with your application , you will save lots of time.<br>
Now , just put your data in an array , and call the function ^___^.<br><br>
Just set the key of the array to your column , and its value to your value , that all !<br>
Here is a sample data<br>
<pre>
<?print_r($data);?>
</pre><br>
You can use <b>SQL::insert</b> to generate an <b>INSERT</b> query
<pre>
<?= SQL::insert("users" , $data) ?>
</pre>
Using <b>SQL::update</b> to generate a <b>UPDATE</b> query with or without condition
<pre>
<?= SQL::update("users" , $data , " user_id = " . SQL::quote('my_id')) ?><br>
<?= SQL::update("users" , $data ) ?>
</pre>
and you can also generate <b>REPLACE</b> query with this class using <b>SQL::replace</b> (with UPDATE or INSERT syntax )
<pre>
<?= SQL::replace("users" , $data) ?><br>
<?= SQL::replace("users" , $data , false) ?>
</pre>
even <b>DELETE</b> with <b>SQL::delete</b>
<pre>
<?=SQL::delete('users' , 'user_id = ' . SQL::quote('my_id'))?>
</pre>
Now you can create SQL Time or Datetime easier by using <b>SQL::time</b> and PHP Unix time
<pre>
<?
echo SQL::time(time() , 'DATE') . "<BR>";
echo SQL::time(time() , 'TIME') . "<BR>";
echo SQL::time(time() , 'DATETIME') . "<BR>";
?>
</pre>
no more SQL injection , everything will be ok ^___^ (<b>SQL::quote</b>)
<pre>
<?=$injection?>
<b>to</b>
<?=SQL::quote($injection)?>
</pre>
render a simple equal condition with <b>SQL::condition</b>
<pre>
<?=SQL::condition(array('my_column' => 'my_data' , 'my_column2' => 'my_data', 'my_column3' => 'data 3'))?><br>
<?=SQL::condition(array('my_column' => 'my_data' , 'my_column2' => 'my_data') , 'OR')?>
</pre>
or simple <b>IN</b> syntax <b>SQL::in</b>
<pre>
<?=SQL::in("my_column" , array('var1' , 'var2' , 'var3'))?>
</pre>
and finally , you can split queries to invidual query O__O
<pre>
<?=$sqls?>
to
<?print_r(SQL::split($sqls,false))?>
</pre>
and from sql file :) just using <b>SQL::split</b>
<pre>
<?print_r(SQL::split($sql_file))?>
</pre>
</body>
</html>
|
Download
