Zend DatabaseBuzoo PHP LectureBy : Tya Herlina

DefinitionZend_Db and its related classes provide a simple SQL database interface for Zend Framework.

Zend_Db_AdapterZend_Db_Adapter is the basic class you use to connect your PHP application to an RDBMS. There is a different Adapter class for each brand of RDBMS.

Zend_Db_Adapter (cont’d)

RDBMS Adapter

IBM DB2 Pdo_ibm

MariaDB Pdo_mysql

MySQL Pdo_mysql

Microsoft SQL Server Pdo_dblib

Oracle Pdo_oci

PostgreSQL Pdo_pgsql

SQLite Pdo_sqlite

Set Connection1. Using a Zend_Db Adapter Constructor2. Using the Zend_Db Factory3. Using Zend_Config with the Zend_Db

Factory

1. Using a Zend_Db Adapter Constructor

$db = new Zend_Db_Adapter_Pdo_Mysql(array(    ’host’ => ’buzoo.biz’,    ’username’  => ’root’,    ’password’  => ’’,    ’dbname’    => ’app_geshucloud’));

2. Using the Zend_Db Factory$db = Zend_Db::factory('Pdo_Mysql', array(    ’host’ => ’buzoo.biz’,    ’username’  => ’root’,    ’password’  => ’’,    ’dbname’    => ’app_geshucloud’));

3. Using Zend_Config with the Zend_Db Factory

database.host = “buzoo.biz“database.username = “root“database.password = “database.dbname = “app_geshucloud“

$config = new Zend_Config_Ini(“path/to/config.ini“);$db = Zend_Db::factory(‘Pdo_Mysql‘, $config->database);

Set Connection

Zend_Db_Table_Abstract::setDefaultAdapter($db);

public function db() { return Zend_Db_Table_Abstract::getDefaultAdapter(); }

Get Connection

Reading Query Results1. Fetching a Complete Result Set2. Fetching a Single Row from a Result Set3. Fetching a Single Scalar from a Result Set4. Fetching a Result Set as an Associative

Array5. Fetching Key-Value Pairs from a Result Set6. Fetching a Single Column from a Result

Set

1. Fetching a Complete Result Set$models = $this->db()->fetchAll(

“SELECT * FROM `dtb_customer`”); print_r($models);echo $models[0][`customerID`]; //44

Array ( [0] => Array ( [customerID] => 44 [customerName] => Adisti Prihartini [customerAddr] => Maleo 345 Bintan[customerPhone] => 2390554[create_date] => 2012-10-30 14:29:36 [update_date] => 2012-11-27 16:04:45 ) [1] => Array ( [customerID] => 45 [customerName] => Angela Nayoan[customerAddr] => Van Heutz Boulevard 53 Batavia[customerPhone] => 2140[create_date] => 2012-10-30 14:29:36 [update_date] => 2012-11-27 16:04:45 )

)

2. Fetching a Single Row from a Result Set$models = $this->db()->fetchRow(

“SELECT * FROM `dtb_customer` LIMIT 1”);print_r($models);echo $models[`customerID`]; //44

Array ( [customerID] => 44 [customerName] => Adisti Prihartini [customerAddr] => Maleo 345 Bintan[customerPhone] => 2390554 [create_date] => 2012-11-05 10:09:14 [update_date] => 2012-11-21 10:35:45 )

3. Fetching a Single Scalar from a Result Set$models = $this->db()->fetchOne(

“SELECT `customerID` FROM `dtb_customer` LIMIT 1”);print_r($models);echo $models[`customerID`];

44

Modifying Data to the Database1. Inserting Data2. Updating Data3. Deleting Data

1. Inserting Data$this->db()->insert(‘dtb_room_facility‘, array( ‘room_id‘ => 99, ‘facility_id‘ => 99 ));echo $this->db()->lastInsertId(); //5

$model = new Dao_RoomFacility();$new_id = $model->insert(array( ‘room_id‘ => 99, ‘facility_id‘ => 99 ));echo $new_id; //5

2. Updating Data$update_id = $this->db()->update('dtb_room_facility',

array( 'room_id' => 999, 'facility_id' => 999 ), 'id = 999');echo $update_id; //1

$model = new Dao_RoomFacility();$update_id = $model->update(array( 'room_id' => 899, 'facility_id' => 899 ), 'id = 899');echo $update_id; //1

3. Deleting Data$delete_id = $this->db()->delete(

'`dtb_room_facility`', '`id` = 999');

echo $delete_id; //1

$model = new Dao_RoomFacility();$delete_id = $model->delete(

'`id` = 899');echo $delete_id; //1

Preventing SQL Injection $name = "O'Reilly"; $sql = "SELECT * FROM `dtb_customer` WHERE `customerName` = '$name'";

echo $sql; // SELECT * FROM `dtb_customer` WHERE `customerName` = 'O'Reilly'

Quoting Values and Identifiers1. Using quote()2. Using quoteInto()3. Using quoteIdentifier()

1. Using quote()$name = $this->db()->quote("O'Reilly"); $sql =

"SELECT * FROM `dtb_customer` WHERE `customerName` = $name";

echo $sql; // SELECT * FROM `dtb_customer` WHERE `customerName` = 'O\'Reilly'

$phone = $this->db()->quote("1234", "INTEGER"); $sql =

"SELECT * FROM `dtb_customer` WHERE `customerPhone` = $phone";

echo $sql; // SELECT * FROM `dtb_customer` WHERE `customerPhone` = 1234

2. Using quoteInto()$name = "O'Reilly"; $sql = $this->db()->quoteInto("SELECT * FROM `dtb_customer` WHERE `customerName` = ?", $name

); echo $sql; // SELECT * FROM `dtb_customer` WHERE `customerName` = 'O\'Reilly'

Notes Always store your logic query in

Models/Logic/your_logic.php Minimizing the possibility of SQL

injection with quoting values When creating logic, please reduce the

possibility of errors Always return your logic result value Always check the existing logic before

you make yours

Thank you~ Question? Share? Critics? Advice?