Ticket #7171: format_insert_update.7171.diff
File format_insert_update.7171.diff, 2.4 KB (added by , 16 years ago) |
---|
-
wp-includes/wp-db.php
696 696 * 697 697 * @param string $table WARNING: not sanitized! 698 698 * @param array $data Should not already be SQL-escaped 699 * @param array|string $format The format of the field values. 699 700 * @return mixed Results of $this->query() 700 701 */ 701 function insert($table, $data ) {702 $ data = $this->_escape($data);702 function insert($table, $data, $format = '%s') { 703 $format = (array) $format; 703 704 $fields = array_keys($data); 704 return $this->query("INSERT INTO $table (`" . implode('`,`',$fields) . "`) VALUES ('".implode("','",$data)."')"); 705 $formatted_fields = array(); 706 foreach( $data as $field ) { 707 $form = ( $form = array_shift($format) ) ? $form : $formatted_fields[0]; 708 $formatted_fields[] = $form; 709 } 710 $sql = "INSERT INTO $table (`" . implode( '`,`', $fields ) . "`) VALUES ('" . implode( "','", $formatted_fields ) . "')"; 711 return $this->query(call_user_func_array(array(&$this, 'prepare'), array_merge(array($sql), $data))); 705 712 } 706 713 707 714 /** … … 712 719 * @param string $table WARNING: not sanitized! 713 720 * @param array $data Should not already be SQL-escaped 714 721 * @param array $where A named array of WHERE column => value relationships. Multiple member pairs will be joined with ANDs. WARNING: the column names are not currently sanitized! 722 * @param array|string $format The format of the field values. 715 723 * @return mixed Results of $this->query() 716 724 */ 717 function update($table, $data, $where ){718 $ data = $this->_escape($data);725 function update($table, $data, $where, $format = '%s'){ 726 $formats = $format = (array) $format; 719 727 $bits = $wheres = array(); 720 foreach ( (array) array_keys($data) as $k ) 721 $bits[] = "`$k` = '$data[$k]'"; 728 foreach ( (array) array_keys($data) as $k ) { 729 $form = ( $form = array_shift($formats) ) ? $form : $format[0]; 730 $bits[] = "`$k` = '{$form}'"; 731 } 722 732 723 733 if ( is_array( $where ) ) 724 734 foreach ( $where as $c => $v ) 725 735 $wheres[] = "$c = '" . $this->_escape( $v ) . "'"; 726 736 else 727 737 return false; 728 729 return $this->query( "UPDATE $table SET " . implode( ', ', $bits ) . ' WHERE ' . implode( ' AND ', $wheres ));738 $sql = "UPDATE $table SET " . implode( ', ', $bits ) . ' WHERE ' . implode( ' AND ', $wheres ); 739 return $this->query(call_user_func_array(array(&$this, 'prepare'), array_merge(array($sql), $data))); 730 740 } 731 741 732 742 /**