Debugging wrapper functions....

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Glowing Face Man
Forum Newbie
Posts: 7
Joined: Fri Oct 16, 2009 3:56 pm

Debugging wrapper functions....

Post by Glowing Face Man »

Hello,

In order to safeguard against SQL injection attacks as well as make my code more portable, I created special wrapper functions for the SQL stuff I need, EG:

Code: Select all

function dbescape( $value )
{
  return mysql_real_escape_string( $value );
}
 
function diesql()
{
  die(mysql_error());
}
 
function dbselect($table,$field,$value)
{
  $q = mysql_query("SELECT * FROM ".$table." WHERE ".$field."='".dbescape($value)."'") or diesql();
  return $q;
}
 
function dbnumrows($x)
{
  return mysql_numrows($x);
}
All very good, it saves me from having to constantly escape things manually, but now whenever I get an error related to SQL stuff, it just reports the line number in my functions file, not the line number where the REAL problem lies :banghead: EG:

Code: Select all

Warning: mysql_numrows(): supplied argument is not a valid MySQL result resource in phpfuncs.php on line 44
when the actual problem I need to correct is at some distant location in a whole different file :banghead:

So the question is, is there a way to modify it so it tells me something about who called the function... EG, the above warning might become:

Code: Select all

Warning: mysql_numrows(): supplied argument is not a valid MySQL result resource in phpfuncs.php on line 44, called by submit.php on line 250
Thanks for helping :D :drunk:
User avatar
Weiry
Forum Contributor
Posts: 323
Joined: Wed Sep 09, 2009 5:55 am
Location: Australia

Re: Debugging wrapper functions....

Post by Weiry »

Usually when i work with SQL and database connections, i run an Error class in order to catch errors like that.
From there i would do checks to see if any error's exist in my error class.

My database connection is usually also handled by a class, so my queries look like this:

Code: Select all

$q = "SELECT `product_name`,`product_price` FROM `products` WHERE `product_id` = '{$prodID}'";
$result = $this->database->query($q) or die($this->error->reportError('sql',__FILE__,__LINE__,addslashes(mysql_error()),addslashes($q)))
So you can print any sort of format you want out.
I usually have mine formatted like:
Type, File, Line, The SQL Error, The SQL Query.

Which is a pretty good overview for an error you might come across.

Note: If you want it to be accurate, you MUST put your query (in my case $q) the line above your mysql_query statement. That way you know exactly where the error is occurring from your die()
Glowing Face Man
Forum Newbie
Posts: 7
Joined: Fri Oct 16, 2009 3:56 pm

Re: Debugging wrapper functions....

Post by Glowing Face Man »

Thanks, guys, I will try out these suggestions :)
Post Reply