I'm trying to create a small SQL query class.
Here is my Class but i don't why, I've this error : Strict Standards: Only variables should be passed by reference in line 52
Line 52 is :
if (!$stmt->bind_param($param[$i][0], mysqli_real_escape_string($this->mysqli, $param[$i][1]))) {
My code (i'm beginning) :
<?php
class Sql{
private $db;
private $user;
private $pwd;
private $url;
private $param;
private $mysqli;
function __construct($db, $user, $pwd, $url){
$this->db = $db;
$this->user = $user;
$this->pwd = $pwd;
$this->url = $url;
}
/**
* mysqli::connection()
*
* @return
*/
public function connection()
{
try{
$this->mysqli = new mysqli($this->db, $this->user, $this->pwd, $this->url);
}catch(Exception $e){
throw new Exception("Impossible de se connecter à la base " . $this->db);
}
}
public function select($query, $param, $debug=false){
$this->connection();
$r = $this->InitialiseResult("select");
if (!($stmt = $this->mysqli->prepare($query))) {
echo "Echec de la préparation : (" . $this->mysqli->errno . ") " . $this->mysqli->error;
}
//Param
for($i=0;$i<sizeof($param);$i++){
if (!$stmt->bind_param($param[$i][0], mysqli_real_escape_string($this->mysqli, $param[$i][1]))) {
echo "Echec lors du liage des paramètres : (" . $stmt->errno . ") " . $stmt->error;
}
}
if (!$stmt->execute()) {
echo "Echec lors de l'exécution : (" . $stmt->errno . ") " . $stmt->error;
}
if (!($res = $stmt->get_result())) {
echo "Echec lors de la récupération du jeu de résultats : (" . $stmt->errno . ") " . $stmt->error;
}else{
$r["state"] = true;
$r["rows"] = $res->fetch_assoc();
$r["num_rows"] = $res->num_rows;
if($debug)
var_dump($r);
}
return $r;
}
/**
* mysqli::InitialiseResult()
*
* @param mixed $p
* @return
*/
public function InitialiseResult($p)
{
$r = array(); //on écrase
$r["state"] = false;
switch($p){
case "select":
$r["rows"] = array();
$r["num_rows"] = 0;
break;
}
return $r;
}
}
?>
I've try to put $param in a property and use that is mysqli_real_escape_string() but the error is still there.
Any ideas?
