This is pretty very long code. I’ve been using this as a template.
<?php
protected static $table_name = 'guidance.tbl_stud_precord';
protected static $db_fields = array('stud_id_string',
'stud_nationality',
'stud_religion',
'stud_bplace',
'stud_sibling_rank',
'stud_home_add',
'stud_provincial_add',
'stud_residence_no',
'stud_mobile_no',
'stud_married',
'stud_working',
'stud_offspring',
//working student
'stud_occ',
'stud_occ_started',
'stud_occ_employer',
'stud_occ_contact',
'stud_occ_add',
//married student
'stud_partner_name',
'stud_partner_birthday',
'stud_partner_birthplace',
'stud_partner_nationality',
'stud_partner_religion',
'stud_partner_siblingrank',
'stud_partner_occ',
'stud_partner_emp_add',
//student offspring
'stud_offspring_name',
'stud_offspring_birthday',
'stud_offspring_gender',
'stud_offspring_school',
'stud_offspring_school_level'
);
public $stud_id_string;
public $stud_nationality;
public $stud_religion;
public $stud_birthday;
public $stud_birthplace;
public $stud_sibling_rank;
public $stud_home_add;
public $stud_provincial_add;
public $stud_residence_no;
public $stud_mobile_no;
public $stud_married;
public $stud_working;
public $stud_offspring;
//working student
public $stud_occ;
public $stud_occ_started;
public $stud_occ_employer;
public $stud_occ_contact;
public $stud_occ_add;
//married student
public $stud_partner_name;
public $stud_partner_birthday;
public $stud_partner_birthplace;
public $stud_partner_nationality;
public $stud_partner_religion;
public $stud_partner_siblingrank;
public $stud_partner_occ;
public $stud_partner_emp_add;
//student offspring
//
public $stud_offspring_name;
public $stud_offspring_birthday;
public $stud_offspring_gender;
public $stud_offspring_school;
public $stud_offspring_school_level;
private static function instantiate($attributes)
{
// Could check that $record exists and is an array
$object = new self;
// Simple, long-form approach:
// $object->id = $record['id'];
// $object->username = $record['username'];
// $object->password = $record['password'];
// $object->first_name = $record['first_name'];
// $object->last_name = $record['last_name'];
// More dynamic, short-form approach:
foreach ($record as $attribute => $value) {
if ($object->has_attribute($attribute))
{
$object->$attribute = $value;
}
}
return $object;
}
private function has_attribute($attribute)
{
// We don't care about the value, we just want to know if the key exists
// Will return true or false
return array_key_exists($attribute, $this->attributes());
}
protected function attributes()
{
// return an array of attribute names and their values
$attributes = array();
foreach (self::$db_fields as $field) {
if (property_exists($this, $field)) {
$attributes[$field] = $this->$field;
}
}
return $attributes;
}
protected function sanitized_attributes() {
global $database;
$clean_attributes = array();
// sanitize the values before submitting
// Note: does not alter the actual value of each attribute
foreach($this->attributes() as $key => $value){
$clean_attributes[$key] = $this->clean($value);
}
return $clean_attributes;
}
function clean($var) {
if(is_array($var)) {
array_map('self::clean',$var);
} else {
$var = htmlentities(strip_tags($var),ENT_QUOTES);
}
return $var;
}
public function create() {
// Don't forget your SQL syntax and good habits:
// - UPDATE table SET key='value', key='value' WHERE condition
// - single-quotes around all values
// - escape all values to prevent SQL injection
$attributes = $this->sanitized_attributes();
$sql = ":";
$sql .= join(" , :", array_values(self::$db_fields));
$this->db->beginTransaction();
$st = $this->db->prepare("USE guidance EXEC guidance.stud_precord_insert {$sql} ");
foreach($attributes as $key => &$value) {
$k = ':'.$key;
if ($value === '')
{
$val = 'NULL';
$par = PDO::PARAM_NULL;
echo "bindValue($k, $val,$par)<br/>";
$st->bindValue($k, $val,$par);
}
elseif(is_array($value))
{
foreach($value as $v)
{
if ($v === '')
{
$v = 'NULL';
$par = PDO::PARAM_NULL;
echo "bindValue($k, $v,$par)<br/>";
$st->bindValue($k, $v,$par);
}
else
{
$par =PDO::PARAM_STR;
echo "bindValue($k, $v,$par)<br/>";
$st->bindValue($k, $v,$par);
}
//$c = $st->execute();
}
}
else{
$val = $value;
$par =PDO::PARAM_STR;
echo "bindValue($k, $val,$par)<br/>";
$st->bindValue($k, $val,$par);
}
}
$c = $st->execute();
$this->db->commit();
$rc = $st->rowCount();
$e = $st->errorCode() ;
$arr = $st->errorInfo() ;
//echo $c.'<br/>';
echo $rc.'<br/>';
echo $e;
print_r($arr);
}
}
?>