0

I have the dbc.inc.php file. inside of it there are connect function that connects me to the DB. In the test.inc.php file i have the runQuery function inside of a "Test" class. The "Test" class extends from the "Dbc" class allocated in the dbc.inc.php file.

The runQuery($db, $sql) runs query. But if error happend or warning he is not showing the error. i belive that im having a syntax mistake.

For the testing interesst i have given the wrong fieldname in my $sql statment. The error is hapenning but is not showing.

dbc.inc.php

<?php

class Dbc{
private $serverName;
private $userName;
private $password;

protected function connect($dbName = NULL){
    $this->serverName = "localhost";
    $this->userName   = "root";
    $this->password   = "";
    
    $conn = new mysqli($this->serverName, $this->userName, $this->password, $dbName);
    if (!$conn) {
        die("<h3>Error Connecting to the Database.</h3><h4 style=\"color: red\">". $conn->connect_error . "</h4>");
        
        
    } else {
        return $conn;
    }
    
}

}
?>

test.inc.php

<?php

 require 'dbc.inc.php';

 class Test extends Dbc{

function runQuery($db, $sql){
    $query = mysqli_query($this->connect($db), $sql);
    if (!$query) {
        echo "no Query";
        echo $this->connect($db)->connect_error;
        return 0;
    } else {
        echo "Query EXEC";
        return 1;
    }
}

 }


?>

The test code

$conn = new Test;
$conn->runQuery("tch_phn", "UPDATE `employee` SET `uiS`='Assad' WHERE `uid`='Assad' ");

The error is i have given a unknown field name (uiS has to be uid). How can i do this?

Assad Rajab
  • 69
  • 1
  • 1
  • 11
  • You just need to enable error reporting and remove the `if` statements from the code. See also [Should we ever check for mysqli_connect() errors manually?](https://stackoverflow.com/q/58808332/1839439) and [Should I manually check for errors when calling “mysqli_stmt_prepare”?](https://stackoverflow.com/q/62216426/1839439) – Dharman Jun 30 '20 at 23:25
  • Yes. i have understand the idea. im not sure how to do it in my code.... would you please do it so i can see it and learn from it. – Assad Rajab Jun 30 '20 at 23:34

1 Answers1

1

You don't need the Dbc class. It is not useful to you at all at its current state. The mysqli connection is always the same three lines of code and there is no point to add a class for it.

To connect to DB using mysqli use:

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$mysqli = new mysqli('localhost', 'user', 'pass', 'db_name');
$mysqli->set_charset('utf8mb4'); // always set the charset

Then you can write a class which will take the DB connection as a parameter in __construct().

class Test {
    private \mysqli $db = null;
    public function __construct(\mysqli $db) {
        $this->db = $db;
    }

    function runQuery($sql) {
        $query = $this->db->query($sql);
    }
}

That's it. Although you really should try to create a more useful mysqli abstraction class, or even better, use PDO instead. If you want to write mysqli wrapper class you can start with the following idea (adjust to your needs):

class DBClass extends mysqli {
    public function __construct($host = null, $username = null, $passwd = null, $dbname = null, $port = null, $socket = null) {
        // Enable error reporting and call mysqli constructor
        mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
        parent::__construct($host, $username, $passwd, $dbname, $port, $socket);
        $this->set_charset('utf8mb4'); // always set the proper charset which should be utf8mb4 99.99% of the time
    }

    public function safeQuery(string $sql, array $params = []): ?array {
        // Prepare statement:
        $stmt = $this->prepare($sql);
        // If the statement has parameters then bind them all now
        if ($params) {
            $stmt->bind_param(str_repeat("s", count($params)), ...$params);
        }
        // Execute it and get results if there are any
        $stmt->execute();
        if ($result = $stmt->get_result()) {
            return $result->fetch_all(MYSQLI_BOTH);
        }
        // If the query was INSERT or UPDATE then return null
        return null;
    }
}

Then you can execute any SQL statement with a simple one line even when using mysqli.

Dharman
  • 30,962
  • 25
  • 85
  • 135
  • Related https://stackoverflow.com/a/61566985/1839439 – Dharman Jun 30 '20 at 23:44
  • Thank you very much. the PDO is a bit confusing to me. i didnt really understand the code you wirte last. but the answer is right. – Assad Rajab Jun 30 '20 at 23:50
  • @PDO is the proper DB library to use with PHP. You really should avoid mysqli at all cost. What is confusing to you in the code I shared? Is it the connection or the prepared statement bit? – Dharman Jun 30 '20 at 23:51
  • The safeQuery() is confusing. the example i wrote above is meant to be used in the set and get functions in a particular class. do you mind if a post it so you may give me a better idea on doing it? – Assad Rajab Jun 30 '20 at 23:55
  • Try to understand the comments I wrote. I explained a little bit. Try to build a similar function yourself. You can use this function to execute any SQL statement you need. It's a generic use function. If you understand the idea of prepared statements you should be able to understand `safeQuery` function. If you have new question or a new problem then you can start a new question on Stack Overflow. Even if the new question is about my code/answer. – Dharman Jun 30 '20 at 23:57