Make WordPress Core


Ignore:
Timestamp:
10/10/2007 10:01:40 PM (16 years ago)
Author:
markjaquith
Message:

Introducing db_insert() and db_update(), with immediate usage in wp_insert_post(). fixes #5178

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/wp-db.php

    r6199 r6221  
    252252
    253253    /**
     254     * Insert an array of data into a table
     255     * @param string $table WARNING: not sanitized!
     256     * @param array $data should not already be SQL-escaped
     257     * @return mixed results of $this->query()
     258     */
     259    function db_insert($table, $data) {
     260        $data = add_magic_quotes($data);
     261        $fields = array_keys($data);
     262        return $this->query("INSERT INTO $table (`" . implode('`,`',$fields) . "`) VALUES ('".implode("','",$data)."')");
     263    }
     264
     265    /**
     266     * Update a row in the table with an array of data
     267     * @param string $table WARNING: not sanitized!
     268     * @param array $data should not already be SQL-escaped
     269     * @param string $where_col the column of the WHERE statement.  WARNING: not sanitized!
     270     * @param string $where_val the value of the WHERE statement.  Should not already be SQL-escaped.
     271     * @return mixed results of $this->query()
     272     */
     273    function db_update($table, $data, $where_col, $where_val){
     274        $data = add_magic_quotes($data);
     275        $bits = array();
     276        foreach ( array_keys($data) as $k )
     277            $bits[] = "`$k`='$data[$k]'";
     278        $where_val = $wpdb->escape($where_val);
     279        return $this->query("UPDATE $table SET ".implode(', ',$bits)." WHERE $where_col = '$where_val' LIMIT 1");
     280    }
     281
     282    /**
    254283     * Get one variable from the database
    255284     * @param string $query (can be null as well, for caching, see codex)
Note: See TracChangeset for help on using the changeset viewer.