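/**
 * Registers the service's callable methods and opens the database connection.
 *
 * Presumably the PHP 4-style constructor of the enclosing service class
 * (the class header is not visible here).
 *
 * Security notes:
 * - Both entries are declared with "access" => "remote". setItems writes to
 *   the database and nothing in this method restricts who may call it, so
 *   caller authentication/authorisation has to be enforced by the gateway
 *   configuration or added to the service.
 * - The mysql_* functions (ext/mysql) were removed in PHP 7; a port to mysqli
 *   or PDO with prepared statements is the durable fix for this class.
 */
function products(){
    $this->methodTable = array(
        "getItems" => array(
            "description" => "Returns products table",
            "access" => "remote" // available values are private, public, remote
            //"arguments" => array ("message")
        ),
        "setItems" => array(
            // The previous description ("Echoes the passed argument back to Flash")
            // was copied from an echo sample and did not describe this method.
            "description" => "Replaces the passed rows in the products table and returns Ok or Error",
            "access" => "remote", // available values are private, public, remote
            "arguments" => array ("rs")
        )
    );

    // Initialize db connection
    $this->conn = mysql_pconnect($this->dbhost, $this->dbuser, $this->dbpass);
    if (!$this->conn) {
        // Keep host, user, password and mysql_error() text out of the message:
        // warnings can end up in responses sent back to the remote client.
        trigger_error("products: database connection failed", E_USER_WARNING);
        return;
    }

    // Select the database on this connection explicitly rather than on
    // whichever link was opened last.
    if (!mysql_select_db($this->dbname, $this->conn)) {
        trigger_error("products: database selection failed", E_USER_WARNING);
    }
}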
/**
 * Runs "select * from list" and hands back whatever mysql_query() returns.
 *
 * The method is registered with "access" => "remote" in the method table, so
 * the full table content is returned to the caller; no filtering or caller
 * check happens in this method.
 *
 * @return resource|false Result resource, or false when the query fails.
 */
function getItems()
{
    $query = "select * from list";
    $resultSet = mysql_query($query);

    return $resultSet;
}
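/**
 * Writes every row of $rs into the `list` table with REPLACE INTO.
 *
 * $rs is supplied by the remote caller (the method is registered with
 * "access" => "remote"), so each field is passed through $this->escape()
 * before it is placed inside the quoted SQL literal. The original built the
 * statement from the raw values, which allowed SQL injection.
 *
 * Escaping is the only option ext/mysql offers; it is correct only while the
 * values stay inside single quotes and the connection character set matches
 * the one the escaping function assumes. Prepared statements (mysqli/PDO)
 * remove that dependency and are the preferred long-term fix.
 *
 * @param array $rs Rows indexed from 0, each with the keys PkProduct, Poste,
 *                  Lieu and Description.
 * @return string "Ok" when every statement succeeded, "Error" otherwise.
 */
function setItems($rs){
    $failed = false;
    $rowCount = sizeof($rs);

    for ($i = 0; $i < $rowCount; $i++) {
        $row = $rs[$i];

        $sql = "replace into list values('"
            . $this->escape($row['PkProduct']) . "', '"
            . $this->escape($row['Poste']) . "', '"
            . $this->escape($row['Lieu']) . "', '"
            . $this->escape($row['Description']) . "')";

        // Run the statement on the same link that escape() used, so the
        // escaping and the query agree on the connection.
        if (!mysql_query($sql, $this->conn)) {
            // Keep going so the remaining rows are still attempted, as before.
            $failed = true;
        }
    }

    return $failed ? "Error" : "Ok";
}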
// Escapes a string to prevent SQL injection and problems with apostrophes and quotation marks.
// Note: mysql_escape_string is recommended; it is safer than addslashes.
/**
 * Escapes a value with mysql_real_escape_string() on this service's connection.
 *
 * The result is only safe when it is placed inside a quoted SQL string
 * literal; it does not protect unquoted numeric or identifier positions.
 *
 * @param string $param Raw value to escape.
 * @return string|false Whatever mysql_real_escape_string() returns.
 */
function escape($param)
{
    // Alternative without a connection argument:
    // return mysql_escape_string($param);
    // Here the current connection is named explicitly instead.
    $link = $this->conn;
    $escaped = mysql_real_escape_string($param, $link);

    return $escaped;
}
}
?> |