MySQL Connector

STOP: Do not write SQL queries in your code. Instead, use component methods to access and
manipulate data.

This class contains variables and methods for working with the database currently connected

You may create a new instance of this class in order to connect to an alternate database.

Ensure that prepareStr and prepareInt are used whenever variables are inserted into SQL
queries. Otherwise your site will be vulnerable to SQL injection.

Class Methods

The following methods can be invoked on instances of this class.

__construct(mixed strServer, mixed strUsername, mixed strPassword, string strDatabase)

Connects to the database specified in the configuration file




Closes the database connection



trigger_error(mixed strTitle, mixed iErrorNumber, string strDescription)

Prints a database error to the client

tableSave(mixed arrTable)

Creates or updates table $arrTable

tableExists(string strTable)

Returns whether or not a table exists in the database


Returns all tables in the database

tableGet(string strTable)

Returns the schema of a table

tableEmpty(string strTable)

Empties / truncates a table

tableRename(mixed strOldName, string strNewName)

Renames a table

tableDrop(string strTableName)

Drops a table

tableFieldSave(mixed strTableName, mixed arrField, string strAfter)

Modifies a database field

tableFieldGet(mixed strTable, string strField)

Returns a specific field for a table

tableFieldGetAll(string strTable)

Returns all fields for a table

tableFieldExists(mixed strTable, string strField)

Returns if a field exists

tableFieldRename(mixed strTableName, mixed strOldName, string strNewName)

Renames a field in a table

tableFieldDrop(mixed strTableName, string strField)

Drops a field from a table

tableIndexGetAll(string strTableName)

Retrieves the indexes set on a table

tableIndexGetAllSearchable(string strTableName)

Retrieves the indexes set on a table

tableIndexExists(mixed strTableName, string strIndexId)

Returns whether a table index exists

tableIndexAdd(mixed strTableName, array arrIndex)

Add an index on a field

tableIndexDrop(mixed strTableName, mixed strIndexKey)

Drops an index

query(mixed strSQL)

Executes a query

queryMultiple(mixed strSQL)

Executes multiple queries

queryMultipleFile(mixed strFile)

Executes multiple queries from a file

queryAllRows(mixed strSQL)

Returns all the rows of the query as a linear array (rows indexed by row number)
of associative arrays (columns indexed by column name). Example: $db->queryAllRows('SELECT * FROM products');

queryAllRowsLinearArray(mixed strSQL)

Returns the first cell of every row as a linear array
Example: $db->queryAllRowsLinearArray('SELECT product_id FROM products');

querySingleRow(mixed strSQL)

Returns the first row from the results of a query as an associative array.
Example: $db->querySingleRow('SELECT column FROM table WHERE column = 6');

querySingleResult(mixed strSQL)

Returns the first column of the first row from the results of a query.
Example: $db->querySingleResult('SELECT MAX(column) FROM table');

queryTableStatus(string strTable)

Returns the MySQL status of a table


Returns the number of rows affected by the query


Returns all queries executed by this page so far


Returns all queries executed by this page so far as a html string (Unordered list)



Gets the number of queries executed

fetchArray(resource pResource)

Fetch the next result row as an associative array

fetchRow(mixed pResource)

freeResult(result result)

Free result memory


Returns the format for strftime for inserting and updating time stamps for this
type of database


Returns the format for strftime for inserting and updating time stamps for this
type of database

formatDate(mixed strDate)

Formats datetime for queries

formatDateTime(mixed strDate)

Formats datetime for queries

prepareName(string str)

Encloses a string with back ticks, and escapes any existing back ticks

prepare(mixed strValue)

Prepares a variable for concatenation into a SQL query

prepareStr(string strValue)

Makes a string protected against SQL injection for use in
concatenating in SQL queries.

prepareInt(mixed int)

Makes an integer secure against SQL Injection

prepareFloat(mixed float)

Makes an float secure against SQL Injection


Returns the id of the record last inserted

_getFieldClause(mixed arrField)

Returns the clause for creating / updating a field

_getIndexClause(array arrIndex)

Returns the clause for adding / updating an index

autocommit(mixed mode)

begin_transaction(mixed flags, mixed name)

change_user(mixed user, mixed password, mixed database)


commit(mixed flags, mixed name)

connect(mixed host, mixed user, mixed password, mixed database, mixed port, mixed socket)


debug(mixed debug_options)







kill(mixed connection_id)

multi_query(mixed query)

mysqli(mixed host, mixed user, mixed password, mixed database, mixed port, mixed socket)



options(mixed option, mixed value)


poll(mixed read, mixed write, mixed error, mixed sec, mixed usec)

real_connect(mixed host, mixed user, mixed password, mixed database, mixed port, mixed socket, mixed flags)

real_escape_string(mixed string_to_escape)


escape_string(mixed string_to_escape)

real_query(mixed query)

release_savepoint(mixed name)

rollback(mixed flags, mixed name)

savepoint(mixed name)

select_db(mixed database)

set_charset(mixed charset)

set_opt(mixed option, mixed value)

ssl_set(mixed key, mixed cert, mixed certificate_authority, mixed certificate_authority_path, mixed cipher)



store_result(mixed flags)



refresh(mixed options)