I'm fairly new to OOP, this is my first attempt at writing OOP code.
For some reason it keeps giving me
"Call to a member function execute() on a non-object in [path/to/file]log.php
I have the following code in log.php
function logMessage($logtype = 0, $logmessage = '')
{
global $config, $getSQL, $sql, $queryBuilder;
if ($config['log_threshold'] >= $logtype)
{
// Check database connection
if( ($sql instanceof MySQLi) == false) {
return array('status' => false, 'type' => 1, 'message' => 'MySQL connection is invalid');
}
// Check type
if($logtype == '' || $logtype === NULL) {
return array('status' => false, 'type' => 1, 'message' => 'No type specified');
}
// Check message
if($logmessage == '') {
return array('status' => false, 'type' => 1, 'message' => 'Message is empty');
}
// Get IP address
if( ($remote_addr = $_SERVER['REMOTE_ADDR']) == '') {
$remote_addr = "REMOTE_ADDR_UNKNOWN";
}
// Get requested script
if( ($request_uri = $_SERVER['REQUEST_URI']) == '') {
$request_uri = "REQUEST_URI_UNKNOWN";
}
if ($getSQL)
{
// Escape values
$logtype = $sql->escape_string($logtype);
$logmessage = $sql->escape_string($logmessage);
$remote_addr = $sql->escape_string($remote_addr);
$request_uri = $sql->escape_string($request_uri);
}
// Construct query
$insert = array('site_log');
$columns = array('remote_addr', 'request_uri', 'log_type', 'message');
$values = array('$remote_addr', '$request_uri', '$logtype', '$logmessage');
$result = $queryBuilder->execute(1, $insert, $columns, $values);
if($result) {
return array('status' => true);
}
else {
return array('status' => false, 'type' => 1, 'message' => 'Unable to write to the database');
}
}
}
Class QueryBuilder is in common.php which is included first, then $queryBuilder runs and initiate the QueryBuilder class;
class QueryBuilder
{
protected $db;
protected $sql;
public function __construct($db, $sql)
{
$this->dbPrefix = $db['dbprefix'];
$this->database = $sql;
}
public function select($column = '', $column2 = '', $column3 = '', $column4 = '', $column5 = '', $column6 = '')
{
!$column == '' ? $column = '%PARAM%'.$column.'%PARAM2%' : '';
!$column2 == '' ? $column2 = '%PARAM3%'.$column2.'%PARAM2%' : '';
!$column3 == '' ? $column3 = '%PARAM3%'.$column3.'%PARAM2%' : ''; !$column4 == '' ? $column4 = '%PARAM3%'.$column4.'%PARAM2%' : ''; !$column5 == '' ? $column5 = '%PARAM3%'.$column5.'%PARAM2%' : ''; !$column6 == '' ? $column6 = '%PARAM3%'.$column6.'%PARAM2%' : '';
$search = array('{', '[', '(', ',', "\\", '/', ';', '&', ')', ']', '}');
$replace = array('', '', '', '', '', '', '', '', '', '', '');
$output = array($column, $column2, $column3, $column4, $column5, $column6);
$output = str_replace($search, $replace, $output);
$search2 = array('%PARAM%', '%PARAM2%', '%PARAM3%');
$replace2 = array(' \'', ', \'', '\'');
$output = str_replace($search2, $replace2, $output);
$output = 'SELECT'.$output;
return $output;
}
public function from($table = '', $table2 = '', $table3 = '', $table4 = '', $table5 = '', $table6 = '')
{
!$table == '' ? $table = '%PARAM%'.$table.'%PARAM2%' : '';
!$table2 == '' ? $table2 = '%PARAM3%'.$table2.'%PARAM2%' : '';
!$table3 == '' ? $table3 = '%PARAM3%'.$table3.'%PARAM2%' : '';
!$table4 == '' ? $table4 = '%PARAM3%'.$table4.'%PARAM2%' : '';
!$table5 == '' ? $table5 = '%PARAM3%'.$table5.'%PARAM2%' : '';
!$table6 == '' ? $table6 = '%PARAM3%'.$table6.'%PARAM2%' : '';
$search = array('{', '[', '(', ',', "\\", '/', ';', '&', ')', ']', '}');
$replace = array('', '', '', '', '', '', '', '', '', '', '');
$output = array($table, $table2, $table3, $table4, $table5, $table6);
$output = str_replace($search, $replace, $output);
$search2 = array('%PARAM%', '%PARAM2%', '%PARAM3%');
$replace2 = array(' \''.$dbPrefix, ', \'', '\''.$dbPrefix);
$output = str_replace($search2, $replace2, $output);
$output = 'FROM'.$output;
return $output;
}
public function insert($table = '', $table2 = '', $table3 = '', $table4 = '', $table5 = '', $table6 = '')
{
!$table == '' ? $table = '%PARAM%'.$table.'%PARAM2%' : '';
!$table2 == '' ? $table2 = '%PARAM3%'.$table2.'%PARAM2%' : '';
!$table3 == '' ? $table3 = '%PARAM3%'.$table3.'%PARAM2%' : '';
!$table4 == '' ? $table4 = '%PARAM3%'.$table4.'%PARAM2%' : '';
!$table5 == '' ? $table5 = '%PARAM3%'.$table5.'%PARAM2%' : '';
!$table6 == '' ? $table6 = '%PARAM3%'.$table6.'%PARAM2%' : '';
$search = array('{', '[', '(', ',', "\\", '/', ';', '&', ')', ']', '}');
$replace = array('', '', '', '', '', '', '', '', '', '', '');
$output = array($table, $table2, $table3, $table4, $table5, $table6);
$output = str_replace($search, $replace, $output);
$search2 = array('%PARAM%', '%PARAM2%', '%PARAM3%');
$replace2 = array('\''.$dbPrefix, ', \'', '\''.$dbPrefix);
$output = str_replace($search2, $replace2, $output);
$output = 'INSERT INTO '.$output;
return $output;
}
public function insert_columns($column = '', $column2 = '', $column3 = '', $column4 = '', $column5 = '', $column6 = '')
{
!$column == '' ? $column = '%PARAM%'.$column.'%PARAM2%' : '';
!$column2 == '' ? $column2 = '%PARAM3%'.$column2.'%PARAM2%' : '';
!$column3 == '' ? $column3 = '%PARAM3%'.$column3.'%PARAM2%' : '';
!$column4 == '' ? $column4 = '%PARAM3%'.$column4.'%PARAM2%' : '';
!$column5 == '' ? $column5 = '%PARAM3%'.$column5.'%PARAM2%' : '';
!$column6 == '' ? $column6 = '%PARAM3%'.$column6.'%PARAM2%' : '';
$search = array('{', '[', '(', ',', "\\", '/', ';', '&', ')', ']', '}');
$replace = array('', '', '', '', '', '', '', '', '', '', '');
$output = array($column, $column2, $column3, $column4, $column5, $column6);
$output = str_replace($search, $replace, $output);
$search2 = array('%PARAM%', '%PARAM2%', '%PARAM3%');
$replace2 = array('\'', ', \'', '\'');
$output = str_replace($search2, $replace2, $output);
$output = ' ('.$output.') ';
return $output;
}
public function values($table = '', $table2 = '', $table3 = '', $table4 = '', $table5 = '', $table6 = '')
{
!$table == '' ? $table = '%PARAM%'.$table.'%PARAM2%' : '';
!$table2 == '' ? $table2 = '%PARAM3%'.$table2.'%PARAM2%' : '';
!$table3 == '' ? $table3 = '%PARAM3%'.$table3.'%PARAM2%' : '';
!$table4 == '' ? $table4 = '%PARAM3%'.$table4.'%PARAM2%' : '';
!$table5 == '' ? $table5 = '%PARAM3%'.$table5.'%PARAM2%' : '';
!$table6 == '' ? $table6 = '%PARAM3%'.$table6.'%PARAM2%' : '';
$search = array('{', '[', '(', ',', "\\", '/', ';', '&', ')', ']', '}');
$replace = array('', '', '', '', '', '', '', '', '', '', '');
$output = array($table, $table2, $table3, $table4, $table5, $table6);
$output = str_replace($search, $replace, $output);
$search2 = array('%PARAM%', '%PARAM2%', '%PARAM3%');
$replace2 = array('\''.$dbPrefix, ', \'', '\''.$dbPrefix);
$output = str_replace($search2, $replace2, $output);
$output = 'VALUES ('.$output.');';
return $output;
}
public function execute($type, $tables, $columns, $values)
{
if ($type == 1)
{
$tables = $this->insert($tables);
$columns = $this->insert_columns($columns);
$values = $this->values($values);
$result = $this->database->mysqli_query($tables, $columns, $values);
}
if ($result)
{
$result = 'lol';
}
else
{
$result = 'lolwat';
}
return $result;
}
}
$queryBuilder = new QueryBuilder($db, $sql);
$db is an array of all the settings for the db connection, where as $sql is the mysqli connection object.
I know that the SQL methods are not safe, I need to add mysqli_real_escape_string, more filters and such but I'm still writing it and testing so I wont do that until it actually works.
I'm pretty sure the desired results are self explanatory, if it's not then the results should be executing queries, and in this case querying the log into the database, works as following;
call function with 2 parameters, param1 is severity, param2 is the message.
Example:
logMessage(3, 'Application Initialized');
Logging works perfectly when it uses a plain query instead of the OOP class.
