From 63689ae0e9f9cfcb04c5c6f1f7692bad46859fae Mon Sep 17 00:00:00 2001
From: Bryan
Date: Wed, 29 May 2019 19:27:41 +0200
Subject: [PATCH] Website refactored Converted MySQLi Database.php class to PHP_PDO objects
---
lib/php/classes/Database.php | 38 +++++++++++++++++++++++++-----------
lib/php/go.php | 12 ++++--------
lib/php/insert.php | 10 +++-------
lib/php/login.php | 12 ++++--------
lib/php/manage.php | 8 ++++----
5 files changed, 42 insertions(+), 38 deletions(-)
diff --git a/lib/php/classes/Database.php b/lib/php/classes/Database.php
index c2c6ba7..7fb2e35 100644
--- a/lib/php/classes/Database.php
+++ b/lib/php/classes/Database.php
@@ -1,5 +1,5 @@ connection = new MySQLi ( $this->config [ 'host' ], $this->config [ 'username' ], $this->config [ 'password' ], $this->config [ 'name' ], $this->config [ 'port' ] ); - if ( $this->connection->connect_errno ) { - die ( "Database connection failed." ); + try { + $this->connection = new PDO ( "mysql:dbname=" . $this->config [ 'name' ] . ";host=" . $this->config [ 'host' ] . ":" . $this->config [ 'port' ], $this->config [ 'username' ], $this->config [ 'password' ] ); } + catch ( PDOException $exception ) { + die ( "Database connection failed: " . $exception->getMessage ( ) ); + } + } + + public function query ( string $query ) { + $result = $this->connection->query ( $query ); + if ( $result === false ) { + die ( "Query execution error: " . $this->connection->errorInfo ( ) [ 2 ] ); + } + return $result; } public function prepare ( string $query ) : void { if ( ! ( $this->statement = $this->connection->prepare ( $query ) ) ) { - die ( "Prepare failed: (" . $this->connection->errno . ") " . $this->connection->error ); + die ( "Prepare failed: " . $this->statement->errorInfo ( ) [ 2 ] ); } } public function bind ( array $params ) : void { - if ( ! call_user_func_array ( array ( $this->statement, "bind_param" ), array_merge ( $params [ 0 ], $params [ 1 ] ) ) ) { - die ( "Binding parameters failed: (" . $this->statement->errno . ") " . $this->statement->error ); + foreach ( $params as $paramKey => $paramValue ) { + if ( ! $this->statement->bindValue ( $paramKey, $paramValue ) ) { + die ( "Binding parameters failed: " . $this->statement->errorInfo ( ) [ 2 ] ); + } } } public function execute ( ) : void { - if ( ! $this->statement->execute ( ) ) { - die ( "Execute failed: (" . $this->statement->errno . ") " . $this->statement->error ); + if ( $this->statement->execute ( ) === false ) { + die ( "Execute failed: " . 
$this->statement->errorInfo ( ) [ 2 ] ); } } - public function get_result ( ) : MySQLi_result { - return $this->statement->get_result ( ); + public function debugDumpParams ( ) : void { + $this->statement->debugDumpParams ( ); + } + + public function get_result ( ) : PDOStatement { + return $this->statement; } } diff --git a/lib/php/go.php b/lib/php/go.php index 81679b4..8f6a859 100644 --- a/lib/php/go.php +++ b/lib/php/go.php @@ -7,21 +7,17 @@ $link_id = (int) $link_id; $database = new Database ( $GLOBALS [ 'config' ] [ 'db' ] ); $database->connect ( ); - $database->prepare ( "SELECT links.URL FROM links WHERE links.ID = ?" ); - $parameters = [ - [ "i" ], - [ &$link_id ], - ]; - $database->bind ( $parameters ); + $database->prepare ( "SELECT links.URL FROM links WHERE links.ID = :link_id" ); + $database->bind ( [ ':link_id' => $link_id ] ); $database->execute ( ); $result = $database->get_result ( ); - $row = $result->fetch_assoc ( ); - if ( ! $row ) { + if ( $result->rowCount ( ) == 0 ) { http_response_code ( 404 ); include ( $GLOBALS [ 'config' ] [ 'installation_path' ] . '/lib/errors/404.html' ); exit; } else { + $row = $result->fetchAll ( ) [ 0 ]; ?> diff --git a/lib/php/insert.php b/lib/php/insert.php index 2515118..3154a5c 100644 --- a/lib/php/insert.php +++ b/lib/php/insert.php 
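Review bot: In `prepare()` the failure branch reads `$this->statement->errorInfo ( )`, but `$this->statement` has just been assigned the `false` that `prepare` returned, so a failed prepare ends in a fatal error on a non-object instead of the intended message; the detail is on the connection, `$this->connection->errorInfo ( ) [ 2 ]`. The new `die` calls also send driver text to the HTTP response, and the one in the connection code (`$exception->getMessage ( )`) typically names the database host and account, which the previous generic message did not; write the detail with `error_log ( $exception->getMessage ( ) )` and keep `die ( "Database connection failed." )`. The DSN joins host and port as `host:port`, whereas the pdo_mysql DSN has a separate `port=` key, so it is worth confirming that the configured port is actually honoured. The class header and the start of the connection method are outside what this hunk shows.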
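Review bot: The not-found check `$result->rowCount ( ) == 0` in `go.php` relies on `rowCount()` reporting the size of a SELECT, which PDO documents as driver-dependent behaviour rather than a guarantee; fetching once and testing the row is sturdier: `$row = $result->fetch ( PDO::FETCH_ASSOC ); if ( $row === false ) {`. That also removes `fetchAll ( ) [ 0 ]`, which loads the whole result set to read one row. The same pattern is added in `login.php` and `manage.php`. The code that consumes `$row` continues past the end of this hunk.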
@@ -22,17 +22,13 @@ $database = new Database ( $GLOBALS [ 'config' ] [ 'db' ] ); $database->connect ( ); $url = $_POST [ 'url' ]; - $database->prepare ( "INSERT INTO `links` ( `URL`, `created_by` ) VALUES ( ?, " . $_SESSION [ 'user_id' ] . " );" ); - $parameters = [ - [ "s" ], - [ &$url ], - ]; - $database->bind ( $parameters ); + $database->prepare ( "INSERT INTO `links` ( `URL`, `created_by` ) VALUES ( :url, " . $_SESSION [ 'user_id' ] . " );" ); + $database->bind ( [ ':url' => $url ] ); $database->execute ( ); $database->prepare ( "SELECT MAX( links.ID ) as `last` FROM links;"); $database->execute ( ); $result = $database->get_result ( ); - $row = $result->fetch_assoc ( ); + $row = $result->fetchAll ( ) [ 0 ]; header ( 'Content-Type: application/json' ); $response = [ 'status' => 200, diff --git a/lib/php/login.php b/lib/php/login.php index aa239e4..e2f90cf 100644 --- a/lib/php/login.php +++ b/lib/php/login.php @@ -12,16 +12,11 @@ $password = $_POST [ 'password' ]; $database = new Database ( $config [ 'db' ] ); $database->connect ( ); - $database->prepare ( "SELECT users.id FROM users WHERE users.username = ? AND users.password = ?" ); - $parameters = [ - [ "ss" ], - [ &$username, &$password ], - ]; - $database->bind ( $parameters ); + $database->prepare ( "SELECT users.id FROM users WHERE users.username = :username AND users.password = :password" ); + $database->bind ( [ ':username' => $username, ':password' => $password ] ); $database->execute ( ); $result = $database->get_result ( ); - $row = $result->fetch_assoc ( ); - if ( ! $row ) { + if ( $result->rowCount ( ) == 0 ) { header ( 'Content-Type: application/json' ); http_response_code ( 401 ); $response = [ @@ -32,6 +27,7 @@ exit; } else { + $row = $result->fetchAll ( ) [ 0 ]; $_SESSION [ 'user_id' ] = $row [ 'id' ]; header ( 'Content-Type: application/json' ); $response = [ diff --git a/lib/php/manage.php b/lib/php/manage.php index 4a22c9b..9b13036 100644 --- a/lib/php/manage.php +++ b/lib/php/manage.php 
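Review bot: `created_by` is still spliced into the SQL text from `$_SESSION [ 'user_id' ]` while `:url` is bound; bind it too, `VALUES ( :url, :user_id )` with `$database->bind ( [ ':url' => $url, ':user_id' => (int) $_SESSION [ 'user_id' ] ] );`, so the statement carries no concatenated values. The same concatenation remains in the `manage.php` SELECT. The follow-up `SELECT MAX( links.ID )` can also return a row inserted by a concurrent request, so the response may report someone else's link id; PDO's `lastInsertId()` on the same connection avoids that, though the `Database` wrapper would need a method exposing it. Any validation of `$_POST [ 'url' ]` would sit above this hunk and is not visible here.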
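Review bot: The login query still matches `users.password = :password` against the raw `$_POST [ 'password' ]`, which means the column has to hold the password in a directly comparable form; the PDO conversion was a good moment to move to hashes. Select by username only, `SELECT users.id, users.password FROM users WHERE users.username = :username`, and then check `password_verify ( $password, $row [ 'password' ] )` against values created with `password_hash ( $password, PASSWORD_DEFAULT )`. Existing rows would need a migration or a rehash at next login, which is outside this patch.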
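Review bot: The session identifier is not renewed before `$_SESSION [ 'user_id' ] = $row [ 'id' ];` in the lines visible in the second `login.php` hunk. Unless that already happens earlier in the file, add `session_regenerate_id ( true );` immediately before the assignment so an identifier issued before authentication does not carry over into the authenticated session. The rest of the success branch lies outside the hunk.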
@@ -7,7 +7,6 @@ $database->prepare ( "SELECT links.ID, links.URL FROM links WHERE links.created_by = " . $_SESSION [ 'user_id' ] ); $database->execute ( ); $result = $database->get_result ( ); - $row = $result->fetch_assoc ( ); ?> @@ -19,13 +18,14 @@
rowCount ( ) == 0 ) { echo ( "You have not created any URL yet.
" ); } else { - do { + $rows = $result->fetchAll ( PDO::FETCH_ASSOC ); + foreach ( $rows as $row ) { echo ( "\t\t\t" . '
' . $row [ 'ID' ] . " | " . $row [ 'URL' ] . "
\n" ); - } while ( $row = $result->fetch_assoc ( ) ); + } } ?>
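Review bot: `$row [ 'URL' ]` is echoed into the page exactly as stored, and `insert.php` saves `$_POST [ 'url' ]` with no escaping visible in this patch, so markup inside a saved URL would be rendered as HTML; escape at output with `htmlspecialchars ( $row [ 'URL' ], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' )`. The surrounding markup in this hunk appears to have been lost when the page was extracted, so whether the value lands in element text or in an attribute should be checked against the file. Passing `PDO::FETCH_ASSOC` to `fetchAll` here is the clearer form; the `fetchAll ( ) [ 0 ]` calls in the other files use the default fetch mode and return each column twice.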