TYPO3  7.6
Public Member Functions | Public Attributes | Protected Member Functions | Protected Attributes | List of all members
PreparedStatement Class Reference

Public Member Functions

 __construct ($query, $table, array $precompiledQueryParts=array())
 
 bindValues (array $values)
 
 bindValue ($parameter, $value, $data_type=self::PARAM_AUTOTYPE)
 
 execute (array $input_parameters=array())
 
 fetch ($fetch_style=0)
 
 seek ($rowNumber)
 
 fetchAll ($fetch_style=0)
 
 free ()
 
 rowCount ()
 
 errorCode ()
 
 errorInfo ()
 
 setFetchMode ($mode)
 

Public Attributes

const PARAM_NULL = 0
 
const PARAM_INT = 1
 
const PARAM_STR = 2
 
const PARAM_BOOL = 3
 
const PARAM_AUTOTYPE = 4
 
const FETCH_ASSOC = 2
 
const FETCH_NUM = 3
 

Protected Member Functions

 guessValueType ($value)
 
 hasNamedPlaceholders ($query)
 
 convertNamedPlaceholdersToQuestionMarks (&$query, array &$parameterValues, array &$precompiledQueryParts)
 
 tokenizeQueryParameterMarkers ($query, array $parameterValues)
 
 generateParameterWrapToken ()
 

Protected Attributes

 $query
 
 $precompiledQueryParts
 
 $table
 
 $parameters
 
 $defaultFetchMode = self::FETCH_ASSOC
 
 $statement
 
 $fields
 
 $buffer
 
 $parameterWrapToken
 

Detailed Description

TYPO3 prepared statement for DatabaseConnection

USE: In all TYPO3 scripts when you need to create a prepared query: $statement = $GLOBALS['TYPO3_DB']->prepare_SELECTquery('*', 'pages', 'uid = :uid'); $statement->execute(array(':uid' => 2)); while (($row = $statement->fetch()) !== FALSE) { ... } $statement->free();

Definition at line 31 of file PreparedStatement.php.

Constructor & Destructor Documentation

__construct (   $query,
  $table,
array  $precompiledQueryParts = array() 
)

Creates a new PreparedStatement. Either $query or $queryComponents should be used. Typically $query will be used by native MySQL TYPO3_DB on a ready-to-be-executed query. On the other hand, DBAL will have parse the query and will be able to safely know where parameters are used and will use $queryComponents instead.

This constructor may only be used by

Parameters
string$querySQL query to be executed
string$tableFROM table, used to call $GLOBALS['TYPO3_DB']->fullQuoteStr().
array$precompiledQueryPartsComponents of the query to be executed private

Definition at line 160 of file PreparedStatement.php.

References $GLOBALS, PreparedStatement\$precompiledQueryParts, PreparedStatement\$query, PreparedStatement\$table, PreparedStatement\generateParameterWrapToken(), and PreparedStatement\hasNamedPlaceholders().

Member Function Documentation

bindValue (   $parameter,
  $value,
  $data_type = self::PARAM_AUTOTYPE 
)

Binds a value to a corresponding named or question mark placeholder in the SQL statement that was use to prepare the statement.

Example 1: $statement = $GLOBALS['TYPO3_DB']->prepare_SELECTquery('*', 'bugs', 'reported_by = ? AND bug_status = ?'); $statement->bindValue(1, 'goofy'); $statement->bindValue(2, 'FIXED');

Example 2: $statement = $GLOBALS['TYPO3_DB']->prepare_SELECTquery('*', 'bugs', 'reported_by = :nickname AND bug_status = :status'); $statement->bindValue(':nickname', 'goofy'); $statement->bindValue(':status', 'FIXED');

Parameters
mixed$parameterParameter identifier. For a prepared statement using named placeholders, this will be a parameter name of the form :name. For a prepared statement using question mark placeholders, this will be the 1-indexed position of the parameter.
mixed$valueThe value to bind to the parameter.
int$data_typeExplicit data type for the parameter using the ::PARAM_* constants. If not given, the PHP type of the value will be used instead (int, string, boolean).
Returns
The current prepared statement to allow method chaining

Definition at line 231 of file PreparedStatement.php.

References PreparedStatement\guessValueType().

Referenced by PreparedStatement\bindValues().

bindValues ( array  $values)

Binds an array of values to corresponding named or question mark placeholders in the SQL statement that was use to prepare the statement.

Example 1: $statement = $GLOBALS['TYPO3_DB']->prepare_SELECTquery('*', 'bugs', 'reported_by = ? AND bug_status = ?'); $statement->bindValues(array('goofy', 'FIXED'));

Example 2: $statement = $GLOBALS['TYPO3_DB']->prepare_SELECTquery('*', 'bugs', 'reported_by = :nickname AND bug_status = :status'); $statement->bindValues(array(':nickname' => 'goofy', ':status' => 'FIXED'));

Parameters
array$valuesThe values to bind to the parameter. The PHP type of each array value will be used to decide which PARAM_* type to use (int, string, boolean, NULL), so make sure your variables are properly casted, if needed.
Returns
The current prepared statement to allow method chaining

Definition at line 198 of file PreparedStatement.php.

References PreparedStatement\bindValue().

convertNamedPlaceholdersToQuestionMarks ( $query,
array &  $parameterValues,
array &  $precompiledQueryParts 
)
protected

Converts named placeholders into question mark placeholders in a query.

Parameters
string$query
array$parameterValues
array$precompiledQueryParts
Returns
void

Definition at line 598 of file PreparedStatement.php.

References PreparedStatement\$query, elseif, PreparedStatement\hasNamedPlaceholders(), and PreparedStatement\tokenizeQueryParameterMarkers().

Referenced by PreparedStatement\execute().

errorCode ( )

Returns the error number on the last execute() call.

Returns
int Driver specific error code.

Definition at line 516 of file PreparedStatement.php.

errorInfo ( )

Returns an array of error information about the last operation performed by this statement handle. The array consists of the following fields:

  1. Driver specific error code.
  2. Driver specific error message
Returns
array Array of error information.

Definition at line 531 of file PreparedStatement.php.

execute ( array  $input_parameters = array())

Executes the prepared statement. If the prepared statement included parameter markers, you must either:

  • call TYPO3\CMS\Core\Database\PreparedStatement::bindParam()tobindPHPvariablestotheparametermarkers:boundvariablespasstheirvalueasinput</li><li>orpassanarrayofinput-onlyparametervalues</li></ul>$input_parametersbehaveasin@link\TYPO3\CMS\Core\Database\PreparedStatement::bindParams()andworkforbothnamedparametersandquestionmarkparameters.Example1:<code>$statement=$GLOBALS['TYPO3_DB']->prepare_SELECTquery('*', 'bugs', 'reported_by = ? AND bug_status = ?');$statement->execute(array('goofy', 'FIXED'));</code>Example2:<code>$statement=$GLOBALS['TYPO3_DB']->prepare_SELECTquery('*', 'bugs', 'reported_by = :nickname AND bug_status = :status');$statement->execute(array(':nickname' => 'goofy', ':status' => 'FIXED'));</code>@paramarray$input_parametersAnarrayofvalueswithasmanyelementsasthereareboundparametersintheSQLstatementbeingexecuted.ThePHPtypeofeacharrayvaluewillbeusedtodecidewhichPARAM_*typetouse(int,string,boolean,NULL),somakesureyourvariablesareproperlycasted,ifneeded.@returnboolReturnsTRUEonsuccessorFALSEonfailure.@throws\InvalidArgumentException@api

Definition at line 290 of file PreparedStatement.php.

References PreparedStatement\$fields, $GLOBALS, PreparedStatement\$parameters, PreparedStatement\$precompiledQueryParts, PreparedStatement\$query, PreparedStatement\convertNamedPlaceholdersToQuestionMarks(), and PreparedStatement\guessValueType().

fetch (   $fetch_style = 0)

Fetches a row from a result set associated with a object.

Parameters
int$fetch_styleControls how the next row will be returned to the caller. This value must be one of the ::FETCH_* constants. If omitted, default fetch mode for this prepared query will be used.
Returns
array Array of rows or FALSE if there are no more rows.

Definition at line 409 of file PreparedStatement.php.

References PreparedStatement\$buffer, and PreparedStatement\$defaultFetchMode.

Referenced by PreparedStatement\fetchAll().

fetchAll (   $fetch_style = 0)

Returns an array containing all of the result set rows.

Parameters
int$fetch_styleControls the contents of the returned array as documented in TYPO3\CMS\Core\Database\PreparedStatement::fetch().@returnarrayArrayofrows.@api

Definition at line 478 of file PreparedStatement.php.

References PreparedStatement\fetch().

free ( )

Releases the cursor. Should always be call after having fetched rows from a query execution.

Returns
void

Definition at line 494 of file PreparedStatement.php.

generateParameterWrapToken ( )
protected

Generate a random token that is used to wrap the query markers

Returns
string

Definition at line 678 of file PreparedStatement.php.

Referenced by PreparedStatement\__construct().

guessValueType (   $value)
protected

Guesses the type of a given value.

Parameters
mixed$value
Returns
int One of the ::PARAM_* constants

Definition at line 564 of file PreparedStatement.php.

References elseif.

Referenced by PreparedStatement\bindValue(), and PreparedStatement\execute().

hasNamedPlaceholders (   $query)
protected

Returns TRUE if named placeholers are used in a query.

Parameters
string$query
Returns
bool

Definition at line 584 of file PreparedStatement.php.

References PreparedStatement\$query.

Referenced by PreparedStatement\__construct(), and PreparedStatement\convertNamedPlaceholdersToQuestionMarks().

rowCount ( )

Returns the number of rows affected by the last SQL statement.

Returns
int The number of rows.

Definition at line 505 of file PreparedStatement.php.

seek (   $rowNumber)

Moves internal result pointer.

Parameters
int$rowNumberWhere to place the result pointer (0 = start)
Returns
bool Returns TRUE on success or FALSE on failure.

Definition at line 461 of file PreparedStatement.php.

setFetchMode (   $mode)

Sets the default fetch mode for this prepared query.

Parameters
int$modeOne of the ::FETCH_* constants
Returns
void

Definition at line 546 of file PreparedStatement.php.

tokenizeQueryParameterMarkers (   $query,
array  $parameterValues 
)
protected

Replace the markers with unpredictable token markers.

Parameters
string$query
array$parameterValues
Returns
string
Exceptions
\InvalidArgumentException

Definition at line 653 of file PreparedStatement.php.

References PreparedStatement\$query.

Referenced by PreparedStatement\convertNamedPlaceholdersToQuestionMarks().

Member Data Documentation

$buffer
protected

Definition at line 136 of file PreparedStatement.php.

Referenced by PreparedStatement\fetch().

$defaultFetchMode = self::FETCH_ASSOC
protected

Definition at line 119 of file PreparedStatement.php.

Referenced by PreparedStatement\fetch().

$fields
protected

Definition at line 131 of file PreparedStatement.php.

Referenced by PreparedStatement\execute().

$parameters
protected

Definition at line 112 of file PreparedStatement.php.

Referenced by PreparedStatement\execute().

$parameterWrapToken
protected

Definition at line 144 of file PreparedStatement.php.

$precompiledQueryParts
protected
$query
protected
$statement
protected

Definition at line 126 of file PreparedStatement.php.

$table
protected

Definition at line 105 of file PreparedStatement.php.

Referenced by PreparedStatement\__construct().

const FETCH_ASSOC = 2

Definition at line 76 of file PreparedStatement.php.

Referenced by ShortcutToolbarItem\shortcutExists().

const FETCH_NUM = 3

Definition at line 84 of file PreparedStatement.php.

const PARAM_AUTOTYPE = 4

Definition at line 66 of file PreparedStatement.php.

const PARAM_BOOL = 3

Definition at line 59 of file PreparedStatement.php.

const PARAM_INT = 1

Definition at line 45 of file PreparedStatement.php.

const PARAM_NULL = 0

Definition at line 38 of file PreparedStatement.php.

const PARAM_STR = 2

Definition at line 52 of file PreparedStatement.php.