Minimal database abstraction for code maintainability
(feature similar to perl DBIx::Simple).
$stmt->execute($params);
return $stmt;
}
+
+ function insert($table, $row)
+ {
+ $sql = sprintf('INSERT INTO %s (%s) VALUES (%s)',
+ '"'.$table.'"',
+ implode(', ', array_keys($row)),
+ implode(', ', array_fill(0, count($row), '?'))
+ );
+ return $this->query($sql, array_values($row));
+ }
}
try {
$html = nl2br(htmlspecialchars($_POST['reply']));
$html = "<p>$html</p>";
- $query = $Db->query('INSERT INTO comments (page, message, author) VALUES (?, ?, ?)', [
- $Page, $html, $User->login
+ $query = $Db->insert('comments', [
+ 'page' => $Page,
+ 'message' => $html,
+ 'author' => $User->login,
]);
if (!$query->rowCount()) {
throw new Exception('Fout bij opslaan');