StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POCreate dynamic number Of variables
text
Body
copied!<p><strong>EDIT:</strong> after discussing <a href="https://stackoverflow.com/questions/8630152/php-eval-is-this-exploitable-in-my-code-dynamic-arguments">here click here</a> i decided to use Francis Avila solution, it is securer, but I didn't find a way to exploit my way, only everybody says its security risk to use eval(). If you find a way, to exploit my way, please post a comment. :-), so that i understand it and also another users, who use eval :-)</p> <p>One more thing not to use eval(), it is slower, for what i wanted todo.</p> <p><strong>EDIT:</strong></p> <p>One positive thing, also is in Francis Avila solution is, you need only specific only 2 vars, $SQL + $INPUT, no need more brother with $output.</p> <p><strong>EDIT: removed the old question and replaced it with this, so you have maybe a better idea what i want to do.</strong></p> <p>i found a solution how to make a dynamic number of Variables, but its not the optimal solution. Cause i need to edit / add more lines, if the number of variables gets higher than 8. So is there a way, to make that dynamic on dont relay on the <strong>switch function</strong></p> <pre><code>public function readDB($readdb, $input, $output1) { $sql = $readdb; $stmt = $this->mysqli->prepare($sql); if(!empty($input) && is_array($input)) { $inputn = count($input); switch($inputn) { case "1": $stmt->bind_param('s', $input[0][0]); break; case "2": $stmt->bind_param('ss', $input[0][0], $input[1][0]); break; case "3": $stmt->bind_param('sss', $input[0][0], $input[1][0], $input[3][0]); break; case "4": $stmt->bind_param('ssss', $input[0][0], $input[1][0], $input[3][0], $input[4][0]); break; case "5": $stmt->bind_param('sssss', $input[0][0], $input[1][0], $input[3][0], $input[4][0], $input[5][0]); break; case "6": $stmt->bind_param('ssssss', $input[0][0], $input[1][0], $input[3][0], $input[4][0], $input[5][0], $input[6][0]); break; case "7": $stmt->bind_param('sssssss', $input[0][0], $input[1][0], $input[3][0], $input[4][0], $input[5][0], $input[6][0], $input[7][0]); break; case "8": $stmt->bind_param('ssssssss', $input[0][0], $input[1][0], $input[3][0], $input[4][0], $input[5][0], $input[6][0], $input[7][0], $input[8][0]); break; default: break; } } if (!$stmt) {throw new Exception($mysqli->error);} $stmt->execute(); $stmt->store_result(); $checker = $stmt->num_rows; if($checker !== 0) { if(!empty($output1)) { switch($output1) { case "1": $stmt->bind_result($output[0]); while ($stmt->fetch()) { $results[] = array($output[0]); } break; case "2": $stmt->bind_result($output[0], $output[1]); while ($stmt->fetch()) { $results[] = array($output[0], $output[1]); } break; case "3": $stmt->bind_result($output[0], $output[1], $output[2]); while ($stmt->fetch()) { $results[] = array($output[0], $output[1], $output[2]); } break; case "4": $stmt->bind_result($output[0], $output[1], $output[2], $output[3]); while ($stmt->fetch()) { $results[] = array($output[0], $output[1], $output[2], $output[3]); } break; case "5": $stmt->bind_result($output[0], $output[1], $output[2], $output[3], $output[4]); while ($stmt->fetch()) { $results[] = array($output[0], $output[1], $output[2], $output[3], $output[4]); } break; case "6": $stmt->bind_result($output[0], $output[1], $output[2], $output[3], $output[4], $output[5]); while ($stmt->fetch()) { $results[] = array($output[0], $output[1], $output[2], $output[3], $output[4], $output[5]); } break; case "7": $stmt->bind_result($output[0], $output[1], $output[2], $output[3], $output[4], $output[5], $output[6]); while ($stmt->fetch()) { $results[] = array($output[0], $output[1], $output[2], $output[3], $output[4], $output[5], $output[6]); } break; case "8": $stmt->bind_result($output[0], $output[1], $output[2], $output[3], $output[4], $output[5], $output[6], $output[7]); while ($stmt->fetch()) { $results[] = array($output[0], $output[1], $output[2], $output[3], $output[4], $output[5], $output[6], $output[7]); } break; default: echo "HERE"; break; } } } else { $results = "NO RESULTS"; } $stmt->fetch(); $stmt->close(); $this->checker = $checker; $this->results = $results; $this->result = array('num_rows' => $checker, $results); return $this->results; </code></pre>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload