echajoa/common/lib/class.db.php

<?php
class DB
{
	//개발환경
	// var $host='211.253.37.172';
	var $host = 'localhost';
	var $user='echajoadb';				// db user
	var $pass='dlck5309@';		// db password
	var $db  ='echajoadb';
	var $isDebug = false;
								// db id

	function __construct() {
		@$this->conn=mysqli_connect($this->host, $this->user, $this->pass, $this->db);
		$this->query("set names utf8");
	}


	function DB()
	{
		// @$this->conn=mysql_connect($this->host, $this->user, $this->pass);
		// mysql_select_db($this->db, $this->conn)or die(mysql_error());
		// $this->query("set names utf8");
		@$this->conn=mysqli_connect($this->host, $this->user, $this->pass, $this->db);
		$this->query("set names utf8");
	}


	function query($query, $qnum=0)
	{
		if ($qnum) {
			$this->{'query'.$qnum}=$query;
			// return $this->{'result'.$qnum}=mysql_query($query,$this->conn);
			return $this->{'result'.$qnum}=mysqli_query($this->conn, $query);
		} else {
			$this->query=$query;
			// return $this->result=mysql_query($query,$this->conn);
			return $this->result=mysqli_query($this->conn, $query);
		}
	}


	function getOne($qnum=0)
	{
		return $qnum
		? @mysql_result($this->{'result'.$qnum}, 0, 0)
		: @mysql_result($this->result, 0, 0);
	}


	function getRow($qnum=0)
	{
		return $qnum
		? ($this->{'row'.$qnum}=mysql_fetch_assoc($this->{'result'.$qnum}))
		: ($this->row	=mysql_fetch_assoc($this->result));
	}


	function getLastIndex()
	{
		return $this->lastIndex=mysql_insert_id($this->conn);
	}


	function insertDAO($_field, $_table)
	{
		$this->debug("INSERT INTO ".$_table ." set ".$this->_arrayField($_field));
		return $this->query("INSERT INTO ".$_table ." set ".$this->_arrayField($_field));
	}


	function selectDAO($_field, $_table, $_where = NULL, $_order = NULL)
	{
		if (is_array($_where)) {
			$_whereis = " WHERE ". $this->_where($_where, $value, ' AND ', $escape = TRUE);
		} else {
			if ($_where) $_whereis = " WHERE ". $_where;
		}
		if ($_order) $_orderis = " ORDER BY ". $_order;
		$this->query("SELECT ".$_field." FROM ".$_table . $_whereis . $_orderis);
		return $this->getRow($_num);
	}


	function updateDAO($_update, $_table, $_where, $_order = NULL) {
		if (is_array($_where)) {
			$_whereis = " WHERE ". $this->_where($_where, $value, ' AND ', $escape = TRUE);
		} else {
			if ($_where) $_whereis = " WHERE ". $_where;
		}
		if (is_array($_update))
			$_update = $this->_arrayField($_update);

		if ($_order) $_orderis = " ORDER BY ". $_order;

		$this->debug("UPDATE ".$_table." SET ".$_update . $_whereis . $_orderis);


		return $this->query("UPDATE ".$_table." SET ".$_update . $_whereis . $_orderis);
	}


	function deleteDAO($_table, $_where) {

		if ($_where) $_whereis = " WHERE ". $this->_where($_where, $value, ' AND ', $escape = TRUE);

		return $this->query("DELETE FROM ".$_table . $_whereis);
	}


	function getLastId(){
		return  mysql_insert_id();
	}

	function getOneDAO($_field, $_table, $_where) {

		if (is_array($_where)) {
			$_whereis = ' WHERE ' . $this->_where($_where, $value, ' AND ', $escape = TRUE);
		} else {
			if ($_where) $_whereis = " WHERE" . $_where;
		}
		//echo "SELECT ".$_field." FROM ".$_table . $_whereis;
		$this->query("SELECT ".$_field." FROM ".$_table . $_whereis);
		return $this->getOne($_num);
	}


	function _arrayField($key, $type = ", ", $escape = TRUE)
	{
		if ( ! is_array($key))
		{
			$key = array($key => $value);
		}

		foreach ($key as $k => $v)
		{
			$prefix = (count($ar_where) == 0) ? '' : $type;

			if ($escape == TRUE)
			{
				$v = $this->escape(trim($v));
			}

			if ( ! $this->_has_operator($k))
			{
				$k .= ' = ';
			}
			$ar_where .= $prefix.$k.$v;
		}

		return $ar_where;
	}


	/**
	 * Where
	 *
	 * Called by where() or orwhere()
	 *
	 * @access	private
	 * @param	mixed
	 * @param	mixed
	 * @param	string
	 * @return	object
	 */
	function _where($key, $value = NULL, $type = ' AND ', $escape = NULL)
	{
		if ( ! is_array($key))
		{
			$key = array($key => $value);
		}

		foreach ($key as $k => $v)
		{
			$prefix = (count($ar_where) == 0) ? '' : $type;

			if (is_null($v) && ! $this->_has_operator($k))
			{
				$k .= ' IS NULL';
			}

			if ( ! is_null($v))
			{
				if ($escape == TRUE)
				{
					$v = ' '.$this->escape(trim($v));
				}

				if ( ! $this->_has_operator($k))
				{
					$k .= ' = ';
				}
			}
			$ar_where .= $prefix.$k.$v;
		}

		return $ar_where;
	}

	/**
	 * Tests whether the string has an SQL operator
	 *
	 * @access	private
	 * @param	string
	 * @return	bool
	 */
	function _has_operator($str)
	{
		$str = trim($str);
		if ( ! preg_match("/(\s|<|>|!|=|is null|is not null)/i", $str))
		{
			return FALSE;
		}

		return TRUE;
	}


	/**
	 * "Smart" Escape String
	 *
	 * Escapes data based on type
	 * Sets boolean and null types
	 *
	 * @access	public
	 * @param	string
	 * @return	mixed
	 */
	function escape($str)
	{
		$str = preg_replace('#<script.*?</script\s*>#is', '', $str);
		if (is_string($str))
		{
			$str = "'".$this->escape_str($str)."'";
		}
		elseif (is_bool($str))
		{
			$str = ($str === FALSE) ? 0 : 1;
		}
		elseif (is_null($str))
		{
			$str = 'NULL';
		}

		return $str;
	}

	/**
	 * Escape String
	 *
	 * @access	public
	 * @param	string
	 * @param	bool	whether or not the string will be used in a LIKE condition
	 * @return	string
	 */
	function escape_str($str, $like = FALSE)
	{
		if (is_array($str))
		{
			foreach($str as $key => $val)
	   		{
				$str[$key] = $this->escape_str($val, $like);
	   		}

	   		return $str;
	   	}
		$str = is_resource($this->conn_id) ? mysql_real_escape_string($str, $this->conn_id) : addslashes($str);
		// escape LIKE condition wildcards
		if ($like === TRUE)
		{
			$str = str_replace(array('%', '_'), array('\\%', '\\_'), $str);
		}

		return $str;
	}


	function close()
	{
		mysql_close($this->conn);
	}

	function debug($query){

		//echo $query;
	}
}
?>