login/pass: error messages below page title

[minimedit.git] / database.inc.php

diff --git a/database.inc.php b/database.inc.php
index 218335814bebf8e993aeb034449d7dc17efae940..d6da853c1a6f61b2529e71ff4640078960d3f07d 100644 (file)
--- a/database.inc.php
+++ b/database.inc.php
@@ -22,13 +22,52 @@ class DB
                return $stmt;
        }
 
-       function insert($table, $row)
+       function _value($val, &$params)
        {
-               $sql = sprintf('INSERT INTO %s (%s) VALUES (%s)',
-                       '"'.$table.'"',
-                       implode(', ', array_keys($row)),
-                       implode(', ', array_fill(0, count($row), '?'))
-               );
-               return $this->query($sql, array_values($row));
+               if (is_array($val)) {
+                       $sql = array_shift($val);
+                       $params = array_merge($params, $val);
+                       return $sql;
+               }
+               elseif (is_bool($val)) {
+                       return $val ? 'TRUE' : 'FALSE';
+               }
+
+               $params[] = $val;
+               return '?';
+       }
+
+       function set($table, $row, $filter = NULL)
+       {
+               $params = [];
+               if (is_null($filter)) {
+                       $cols = [];
+                       foreach ($row as $col => $val) {
+                               $cols[] = $this->_value($val, $params);
+                       }
+                       $sql = sprintf('INSERT INTO %s (%s) VALUES (%s)',
+                               '"'.$table.'"',
+                               implode(', ', array_keys($row)),
+                               implode(', ', $cols)
+                       );
+               }
+               else {
+                       $sql = 'UPDATE "'.$table.'"';
+                       $cols = [];
+                       foreach ($row as $col => $val) {
+                               $cols[] = $col . ' = ' . $this->_value($val, $params);
+                       }
+
+                       $sql .= ' SET ' . implode(', ', $cols);
+                       if (is_array($filter)) {
+                               $sql .= ' WHERE ' . array_shift($filter);
+                               $params = array_merge($params, $filter);
+                       }
+                       else {
+                               $sql .= ' ' . $filter;
+                       }
+               }
+               $sql .= ' RETURNING *';
+               return $this->query($sql, $params);
        }
 }