modernserf · July 6, 2013 05:02
diff --git a/DietActiveRecord.php b/DietActiveRecord.php
 class DietActiveRecord {
  public static function all( $select = null ){
    $self = get_called_class();

    $query = 'SELECT '. $self::select_string($select) .
      ' FROM '. $self::$table_name;

    return $self::query($query, null, true);
  }

  public static function exists($value, $key = null ){
    $self = get_called_class();

    $key = $self::key_verify($key);

    $query = 'SELECT null FROM '. $self::$table_name .
    ' WHERE ' . $key . '= :'. $key .' LIMIT 1';

    return !!$self::query($query, array( $key => $value ), true);
  }

  public static function find($value, $key = null, $select = null ){
    $self = get_called_class();

    $key = $self::key_verify($key);

    $query = 'SELECT '. $self::select_string($select) .
      ' FROM '. $self::$table_name .
      ' WHERE '. $key . ' = :'. $key . ' LIMIT 1;';

    $results = $self::query($query, array( $key => $value ), true);

    return $results[0];
  }

  // saves to the database
  // 'safe' params == for joins. must not be set by user.
  public static function create($params, $safe_params = null){
    $self = get_called_class();

    $self::check_params($params);

    if ($safe_params !== null){
      $params = array_merge($params, $safe_params);
    }

    $keys = array_keys($params);

    $query = 'INSERT INTO '. $self::$table_name .
      ' ( '. implode(', ', $keys) . ' ) ' .
      ' VALUES ( :' . implode(', :', $keys) . ' );';

    $rows_affected = $self::query($query, $params );

    return ( $rows_affected === 1);
  }

  // saves set params to the database
  public static function update($value, $params, $safe_params = null ){
    $self = get_called_class();

    $self::check_params($params);

    if ($safe_params !== null){
      $params = array_merge($params, $safe_params);
    }

    $param_keys = array_keys($params);

    foreach ($param_keys as $key ) {
      $param_list[]= "$key = :$key";
    }

    $param_string = implode(', ', $param_list);

    $key = $self::$default_key;

    $query = 'UPDATE '. $self::$table_name .
      ' SET ' . $param_string .
      ' WHERE ' . $key . ' = :'. $key;


    $q_params = array_merge( $params, array( $key => $value ) );

    $rows_affected = $self::query($query, $q_params );

    return ( $rows_affected === 1);
  }

  // removes from the database
  public static function destroy($value){
    $self = get_called_class();

    $key = $self::$default_key;

    $query = 'DELETE FROM '. $self::$table_name .
      ' WHERE ' . $key . ' = :'. $key;

    $rows_affected = $self::query( $query , array( $key => $value ) );

    return ( $rows_affected === 1);
  }

  // general purpose query builder
  public static function query($query, $params = null, $expect_results = false){
    try {
      $conn = new PDO(
        'mysql:host='. DB_HOST.
        ';port=' . DBPORT .
        ';dbname='. DB_NAME ,
        DB_USER,
        DB_PASS
      );
      $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

      $stmt = $conn->prepare( $query );
      $stmt->execute( $params );

      if ($expect_results){
        $stmt->setFetchMode(PDO::FETCH_CLASS, get_called_class());

        $collection = null;

        while($instance = $stmt->fetch()){
          $collection[] = $instance;
        }

        return $collection;

      } else {
        return $stmt->rowCount();
      }

    } catch(PDOException $e) {
      error_log('ERROR: ' . $e->getMessage());
    }
  }

  // returns a comma delimited list of attrs for selecting
  // defaults to the caller's attrs_accessible
  private static function select_string( $select ){
    if ($select === null ){
      $self = get_called_class();
      $select = $self::$attrs_accessible ;
    }

    return implode(', ', $select);
  }

  // if empty, get default key, otherwise check key safety
  private static function key_verify($key ){
    $self = get_called_class();

    if ($key === null){
      $key = $self::$default_key;
    } else {
      $self::check_params($key);
    }
    return $key;
  }

  // check that key or params are safe
  private static function check_params($params){
    $self = get_called_class();
    if ( is_array($params) ){
      foreach ($params as $key => $value) {
        if ( !in_array($key, $self::$attrs_accessible) ){
          throw new Exception("Forbidden attribute: $key", 403);
        }
      }
    } else {
      if ( !in_array($params, $self::$attrs_accessible) ){
        throw new Exception("Forbidden attribute: $params", 403);
      }
    }
  }
 }
	class DietActiveRecord {
	public static function all( $select = null ){
	$self = get_called_class();

	$query = 'SELECT '. $self::select_string($select) .
	' FROM '. $self::$table_name;

	return $self::query($query, null, true);
	}

	public static function exists($value, $key = null ){
	$self = get_called_class();

	$key = $self::key_verify($key);

	$query = 'SELECT null FROM '. $self::$table_name .
	' WHERE ' . $key . '= :'. $key .' LIMIT 1';

	return !!$self::query($query, array( $key => $value ), true);
	}

	public static function find($value, $key = null, $select = null ){
	$self = get_called_class();

	$key = $self::key_verify($key);

	$query = 'SELECT '. $self::select_string($select) .
	' FROM '. $self::$table_name .
	' WHERE '. $key . ' = :'. $key . ' LIMIT 1;';

	$results = $self::query($query, array( $key => $value ), true);

	return $results[0];
	}

	// saves to the database
	// 'safe' params == for joins. must not be set by user.
	public static function create($params, $safe_params = null){
	$self = get_called_class();

	$self::check_params($params);

	if ($safe_params !== null){
	$params = array_merge($params, $safe_params);
	}

	$keys = array_keys($params);

	$query = 'INSERT INTO '. $self::$table_name .
	' ( '. implode(', ', $keys) . ' ) ' .
	' VALUES ( :' . implode(', :', $keys) . ' );';

	$rows_affected = $self::query($query, $params );

	return ( $rows_affected === 1);
	}

	// saves set params to the database
	public static function update($value, $params, $safe_params = null ){
	$self = get_called_class();

	$self::check_params($params);

	if ($safe_params !== null){
	$params = array_merge($params, $safe_params);
	}

	$param_keys = array_keys($params);

	foreach ($param_keys as $key ) {
	$param_list[]= "$key = :$key";
	}

	$param_string = implode(', ', $param_list);

	$key = $self::$default_key;

	$query = 'UPDATE '. $self::$table_name .
	' SET ' . $param_string .
	' WHERE ' . $key . ' = :'. $key;


	$q_params = array_merge( $params, array( $key => $value ) );

	$rows_affected = $self::query($query, $q_params );

	return ( $rows_affected === 1);
	}

	// removes from the database
	public static function destroy($value){
	$self = get_called_class();

	$key = $self::$default_key;

	$query = 'DELETE FROM '. $self::$table_name .
	' WHERE ' . $key . ' = :'. $key;

	$rows_affected = $self::query( $query , array( $key => $value ) );

	return ( $rows_affected === 1);
	}

	// general purpose query builder
	public static function query($query, $params = null, $expect_results = false){
	try {
	$conn = new PDO(
	'mysql:host='. DB_HOST.
	';port=' . DBPORT .
	';dbname='. DB_NAME ,
	DB_USER,
	DB_PASS
	);
	$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

	$stmt = $conn->prepare( $query );
	$stmt->execute( $params );

	if ($expect_results){
	$stmt->setFetchMode(PDO::FETCH_CLASS, get_called_class());

	$collection = null;

	while($instance = $stmt->fetch()){
	$collection[] = $instance;
	}

	return $collection;

	} else {
	return $stmt->rowCount();
	}

	} catch(PDOException $e) {
	error_log('ERROR: ' . $e->getMessage());
	}
	}

	// returns a comma delimited list of attrs for selecting
	// defaults to the caller's attrs_accessible
	private static function select_string( $select ){
	if ($select === null ){
	$self = get_called_class();
	$select = $self::$attrs_accessible ;
	}

	return implode(', ', $select);
	}

	// if empty, get default key, otherwise check key safety
	private static function key_verify($key ){
	$self = get_called_class();

	if ($key === null){
	$key = $self::$default_key;
	} else {
	$self::check_params($key);
	}
	return $key;
	}

	// check that key or params are safe
	private static function check_params($params){
	$self = get_called_class();
	if ( is_array($params) ){
	foreach ($params as $key => $value) {
	if ( !in_array($key, $self::$attrs_accessible) ){
	throw new Exception("Forbidden attribute: $key", 403);
	}
	}
	} else {
	if ( !in_array($params, $self::$attrs_accessible) ){
	throw new Exception("Forbidden attribute: $params", 403);
	}
	}
	}
	}