| adding a method to a built-in class ? [message #179467] |
Tue, 30 October 2012 12:05  |
![Une Bvue[1] is currently offline](/forum/theme/default/images/offline.png "Une Bvue[1] is currently offline")
Une Bvue[1]
Messages: 9
Registered: September 2012
Karma: 0
|
Junior Member |
|
|
newbie to php5, i'd like to know if i could add a method to a built-in
class.
The purpose is to ass #to_sql() method to the String class.
#to_sql() would just replace any oiccurence of the character "'" by two
of it "''".
|
|
|
|
| Re: adding a method to a built-in class ? [message #179468 is a reply to message #179467] |
Tue, 30 October 2012 12:38  |
M. Strobel
Messages: 386
Registered: December 2011
Karma: 0
|
Senior Member |
|
|
Am 30.10.2012 13:05, schrieb Une Bévue:
> newbie to php5, i'd like to know if i could add a method to a built-in class.
>
> The purpose is to ass #to_sql() method to the String class.
>
> #to_sql() would just replace any oiccurence of the character "'" by two of it "''".
It looks like you want to program your own sql parameter substitution. You should
rather use the functions like mysqli::real_escape_string(), PDO::quote(), or use
prepared statements.
/Str.
|
|
|
|
| Re: adding a method to a built-in class ? [message #179469 is a reply to message #179468] |
Tue, 30 October 2012 13:42 |
Une Bvue[1]
Messages: 9
Registered: September 2012
Karma: 0
|
Junior Member |
|
|
Le 30/10/2012 13:38, M. Strobel a écrit :
> It looks like you want to program your own sql parameter substitution. You should
> rather use the functions like mysqli::real_escape_string(), PDO::quote(), or use
> prepared statements.
fine, thanks a lot !
easier to work with ;-)
|
|
|
|
| Re: adding a method to a built-in class ? [message #179474 is a reply to message #179467] |
Wed, 31 October 2012 10:09 |
Gregor Kofler
Messages: 69
Registered: September 2010
Karma: 0
|
Member |
|
|
Am 2012-10-30 13:05, Une Bévue meinte:
> newbie to php5, i'd like to know if i could add a method to a built-in
> class.
>
> The purpose is to ass #to_sql() method to the String class.
>
> #to_sql() would just replace any oiccurence of the character "'" by two
> of it "''".
There is no such thing as a "string class" in PHP (apart from an
experimental SplString class). However, you can extend the already
mentioned Mysqli and Pdo classes and create subclasses tailored to your
needs.
Gregor
|
|
|
|
| Re: adding a method to a built-in class ? [message #179475 is a reply to message #179474] |
Wed, 31 October 2012 14:08 |
Une Bvue[1]
Messages: 9
Registered: September 2012
Karma: 0
|
Junior Member |
|
|
Le 31/10/2012 11:09, Gregor Kofler a écrit :
> There is no such thing as a "string class" in PHP (apart from an
> experimental SplString class). However, you can extend the already
> mentioned Mysqli and Pdo classes and create subclasses tailored to your
> needs.
OK, fine, i'll be using $conn->quote($aString);
Thanks
|
|
|
|
| Re: adding a method to a built-in class ? [message #179503 is a reply to message #179474] |
Fri, 02 November 2012 19:27 |
Thomas 'PointedEars'
Messages: 701
Registered: October 2010
Karma: 0
|
Senior Member |
|
|
Gregor Kofler wrote:
> Am 2012-10-30 13:05, Une Bévue meinte:
>> newbie to php5, i'd like to know if i could add a method to a built-in
>> class.
>>
>> The purpose is to ass #to_sql() method to the String class.
>>
>> #to_sql() would just replace any oiccurence of the character "'" by two
>> of it "''".
>
> There is no such thing as a "string class" in PHP (apart from an
> experimental SplString class). However, you can extend the already
> mentioned Mysqli and Pdo classes and create subclasses tailored to your
> needs.
However, in this particular case that would be unwise, because that user-
defined to_sql() method would hardly be sufficient to escape string values
in SQL statements safely, and it would most likely be unnecessary to write
in the first place.
The OP should look into mysql_real_escape_string() if they have to use the
`mysql' extension, or learn about Prepared Statements (PS) if they can use
the `mysqli' extension or PDO, instead. A solution with PS is strongly
recommended.
PointedEars
--
Anyone who slaps a 'this page is best viewed with Browser X' label on
a Web page appears to be yearning for the bad old days, before the Web,
when you had very little chance of reading a document written on another
computer, another word processor, or another network. -- Tim Berners-Lee
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]