2017-08-01 48 views
1

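I have an older pagination script that has served me well for years, but it has been all but abandoned by its developer, and I can't wrap my head around upgrading the mysql calls to mysqli, since it is OOP, which I am not familiar with. My main problem is that I know what I need to change, but I can't figure out the syntax when using $this->. Simply changing the calls is not enough, and when I add the parameters, the editor complains about it. Trying to update the ps_pagination class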

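Say, when I change

$all_rs = @mysql_query($this->sql); 

to

$all_rs = mysqli_query($this->conn, $this->sql); 

(this may be completely the wrong syntax for OOP), I'm told that I'm missing a query parameter or that I have implicit vars. Keep in mind that the editor only sees the class, not the values of the variables fed to it, so I'm at a loss as to how to write the code.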

Here's the full class

<?php 
/** 
* PHPSense Pagination Class 
* 
* PHP tutorials and scripts 
* 
* @package  PHPSense 
* @author  Jatinder Singh Thind 
* @copyright Copyright (c) 2006, Jatinder Singh Thind 
* @link  http://www.phpsense.com 
*/ 

// ------------------------------------------------------------------------ 


class PS_Pagination { 
    var $php_self; 
    var $rows_per_page = 10; //Number of records to display per page 
    var $total_rows = 0; //Total number of rows returned by the query 
    var $links_per_page = 5; //Number of links to display per page 
    var $append = ""; //Parameters to append to pagination links 
    var $sql = ""; 
    var $debug = false; 
    var $conn = false; 
    var $page = 1; 
    var $max_pages = 0; 
    var $offset = 0; 

    /** 
    * Constructor 
    * 
    * @param resource $connection Mysql connection link 
    * @param string $sql SQL query to paginate. Example : SELECT * FROM users 
    * @param integer $rows_per_page Number of records to display per page. Defaults to 10 
    * @param integer $links_per_page Number of links to display per page. Defaults to 5 
    * @param string $append Parameters to be appended to pagination links 
    */ 

    function PS_Pagination($connection, $sql, $rows_per_page = 10, $links_per_page = 5, $append = "") { 
     $this->conn = $connection; 
     $this->sql = $sql; 
     $this->rows_per_page = (int)$rows_per_page; 
     if (intval($links_per_page) > 0) { 
      $this->links_per_page = (int)$links_per_page; 
     } else { 
      $this->links_per_page = 5; 
     } 
     $this->append = $append; 
     $this->php_self = htmlspecialchars($_SERVER['PHP_SELF']); 
     if (isset($_GET['page'])) { 
      $this->page = intval($_GET['page']); 
     } 
    } 

    /** 
    * Executes the SQL query and initializes internal variables 
    * 
    * @access public 
    * @return resource 
    */ 
    function paginate() { 
     //Check for valid mysql connection 
     if (! $this->conn || ! is_resource($this->conn)) { 
      if ($this->debug) 
       echo "MySQL connection missing<br />"; 
      return false; 
     } 

     //Find total number of rows 
     $all_rs = @mysql_query($this->sql); 
     if (! $all_rs) { 
      if ($this->debug) 
       echo "SQL query failed. Check your query.<br /><br />Error Returned: " . mysql_error(); 
      return false; 
     } 
     $this->total_rows = mysql_num_rows($all_rs); 
     @mysql_close($all_rs); 

     //Return FALSE if no rows found 
     if ($this->total_rows == 0) { 
      if ($this->debug) 
       echo "Query returned zero rows."; 
      return FALSE; 
     } 

     //Max number of pages 
     $this->max_pages = ceil($this->total_rows/$this->rows_per_page); 
     if ($this->links_per_page > $this->max_pages) { 
      $this->links_per_page = $this->max_pages; 
     } 

     //Check the page value just in case someone is trying to input an arbitrary value 
     if ($this->page > $this->max_pages || $this->page <= 0) { 
      $this->page = 1; 
     } 

     //Calculate Offset 
     $this->offset = $this->rows_per_page * ($this->page - 1); 

     //Fetch the required result set 
     $rs = @mysql_query($this->sql . " LIMIT {$this->offset}, {$this->rows_per_page}"); 
     if (! $rs) { 
      if ($this->debug) 
       echo "Pagination query failed. Check your query.<br /><br />Error Returned: " . mysql_error(); 
      return false; 
     } 
     return $rs; 
    } 

    /** 
    * Display the link to the first page 
    * 
    * @access public 
    * @param string $tag Text string to be displayed as the link. Defaults to 'First' 
    * @return string 
    */ 
    function renderFirst($tag = 'First') { 
     if ($this->total_rows == 0) 
      return FALSE; 

     if ($this->page == 1) { 
      return '"previous-off">' . $tag; 
     } else { 
      return '"next"><a href="' . $this->php_self . '?page=1&amp;' . $this->append . '">' . $tag . '</a> '; 
     } 
    } 

    /** 
    * Display the link to the last page 
    * 
    * @access public 
    * @param string $tag Text string to be displayed as the link. Defaults to 'Last' 
    * @return string 
    */ 
    function renderLast($tag = 'Last') { 
     if ($this->total_rows == 0) 
      return FALSE; 

     if ($this->page == $this->max_pages) { 
      return '"previous-off">' . $tag; 
     } else { 
      return '"next"><a href="' . $this->php_self . '?page=' . $this->max_pages . '&amp;' . $this->append . '">' . $tag . '</a>'; 
     } 
    } 

    /** 
    * Display the next link 
    * 
    * @access public 
    * @param string $tag Text string to be displayed as the link. Defaults to '>>' 
    * @return string 
    */ 
    function renderNext($tag = '&gt;&gt;') { 
     if ($this->total_rows == 0) 
      return FALSE; 

     if ($this->page < $this->max_pages) { 
      return '"next"><a href="' . $this->php_self . '?page=' . ($this->page + 1) . '&amp;' . $this->append . '">' . $tag . '</a>'; 
     } else { 
      return '"next-off">' . $tag; 
     } 
    } 

    /** 
    * Display the previous link 
    * 
    * @access public 
    * @param string $tag Text string to be displayed as the link. Defaults to '<<' 
    * @return string 
    */ 
    function renderPrev($tag = '&lt;&lt;') { 
     if ($this->total_rows == 0) 
      return FALSE; 

     if ($this->page > 1) { 
      return ' "next"><a href="' . $this->php_self . '?page=' . ($this->page - 1) . '&amp;' . $this->append . '">' . $tag . '</a>'; 
     } else { 
      return '"previous-off">' . $tag; 
     } 
    } 

    /** 
    * Display the page links 
    * 
    * @access public 
    * @return string 
    */ 
    function renderNav($prefix = '<span class="page_link">', $suffix = '</span>') { 
     if ($this->total_rows == 0) 
      return FALSE; 

     $batch = ceil($this->page/$this->links_per_page); 
     $end = $batch * $this->links_per_page; 
     if ($end == $this->page) { 
      //$end = $end + $this->links_per_page - 1; 
     //$end = $end + ceil($this->links_per_page/2); 
     } 
     if ($end > $this->max_pages) { 
      $end = $this->max_pages; 
     } 
     $start = $end - $this->links_per_page + 1; 
     $links = ''; 

     for($i = $start; $i <= $end; $i ++) { 
      if ($i == $this->page) { 
       $links .= $prefix . ' class="active">' . "$i" . $suffix; 
      } else { 
       $links .= ' ' . $prefix . '><a href="' . $this->php_self . '?page=' . $i . '&amp;' . $this->append . '">' . $i . '</a>' . $suffix . ' '; 
      } 
     } 

     return $links; 
    } 

    /** 
    * Display full pagination navigation 
    * 
    * @access public 
    * @return string 
    */ 
    function renderFullNav() { 
     return $this->renderFirst() . '&nbsp;' . $this->renderPrev() . '&nbsp;' . $this->renderNav() . '&nbsp;' . $this->renderNext() . '&nbsp;' . $this->renderLast(); 
    } 

    /** 
    * Set debug mode 
    * 
    * @access public 
    * @param bool $debug Set to TRUE to enable debug messages 
    * @return void 
    */ 
    function setDebug($debug) { 
     $this->debug = $debug; 
    } 
} 
?> 

Any ideas on how I should format these calls? Thanks

Answer

0

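Here, I fixed some basic things about the way the class is constructed, mainly to respect currently used standards and modern OOP constructs.

The gist of it, however, resides in the statement call: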

$all_rs = $this->conn->query($this->sql); 
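  • PHP has the __construct() function, which we should use as the constructor.
  • Use private, protected and public when defining your members.
  • Use type hints to specify parameters (PHP 7 provides many type hints that were missing in PHP 5 (int, string, float, for example), but we can type-hint any class).
  • There is no need to manually verify whether the connection succeeded or to check for errors; the connection object should have the required error reporting level set, and the mysqli implementation will throw exceptions as needed.
  • Never use the rather absurd @ before a query; suppressing error messages is not a sane theory of database access, or of programming in my experience, and can only lead to hard debugging.
  • Using setter injection (for the debug parameter) can also only lead to problems. Having it as a constructor parameter ensures correct behaviour for the whole lifetime of the pagination object.

The bad news

However, this is wide open to SQL injection, because I have not changed the function signature, so that this can continue to be used along with the actual code. Normally, you would prepare and then execute the statement with the values, to take advantage of parameterized statements.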

+0

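This is just a pagination class, and the user variables are already prepared to avoid SQL injection; am I missing something class-specific? Otherwise I will go and try your suggestion, although my editor still says method 'query' not found in bool|resource / referenced method is not found in subject class. I'm currently checking the files in a directory rather than live, so is this just a disconnect?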

+0

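You are missing something SQL-specific: no amount of preparation can replace parameterized queries; a parameterized query will *never* interpret the values as SQL, while escaped values are *still* concatenated into the SQL. Yes, the query method exists on the mysqli object, even if your IDE is confused. Note that before, the class did not have a single type hint, so you were not actually making sure that the object type was correct.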
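
The parameterized form that the answer and the last comment describe, written out as an added example that is not part of the original thread or of the PHPSense class. The function name `paginate_prepared`, the `users` table and the connection details are hypothetical, and the mysqlnd driver is assumed.

```php
<?php
// Added example: mysqli prepared-statement pagination (not the PHPSense class).
// Assumes the mysqlnd driver, which provides mysqli_stmt::get_result().
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw instead of returning false

/**
 * @param string $sql    SELECT with ? placeholders and no LIMIT clause
 * @param string $types  bind_param() type string for $params, e.g. "s"
 * @param array  $params values for the placeholders, in order
 */
function paginate_prepared(mysqli $conn, string $sql, string $types, array $params,
                           int $page, int $rowsPerPage = 10): array
{
    $rowsPerPage = max(1, $rowsPerPage);

    // Count the full result set with the same bound values.
    $count = $conn->prepare("SELECT COUNT(*) FROM ($sql) AS ps_total");
    if ($params) {
        $count->bind_param($types, ...$params);
    }
    $count->execute();
    $totalRows = (int) $count->get_result()->fetch_row()[0];
    $count->close();

    // Same clamping as the original class: out-of-range pages fall back to 1.
    $maxPages = (int) ceil($totalRows / $rowsPerPage);
    if ($page > $maxPages || $page <= 0) {
        $page = 1;
    }
    $offset = $rowsPerPage * ($page - 1);

    // Offset and row count are bound as integers, never concatenated into the SQL.
    $bound = array_merge($params, [$offset, $rowsPerPage]);
    $stmt = $conn->prepare($sql . ' LIMIT ?, ?');
    $stmt->bind_param($types . 'ii', ...$bound);
    $stmt->execute();
    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
    $stmt->close();

    return ['rows' => $rows, 'page' => $page, 'max_pages' => $maxPages, 'total_rows' => $totalRows];
}

// Usage (connection details and the `users` table are placeholders):
// $conn = new mysqli('localhost', 'app_user', 'app_password', 'app_db');
// $out  = paginate_prepared($conn, 'SELECT id, name FROM users WHERE name LIKE ?',
//                           's', ['%' . ($_GET['q'] ?? '') . '%'], (int) ($_GET['page'] ?? 1));
```

Because the search term travels as a bound value, a quote character in it reaches MySQL as data and cannot change the shape of the statement, which is the distinction the last comment draws between parameterizing and escaping.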