diff options
Diffstat (limited to 'includes/database.mysqli.inc')
| -rw-r--r-- | includes/database.mysqli.inc | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/includes/database.mysqli.inc b/includes/database.mysqli.inc index b0a5278d0..779a4a909 100644 --- a/includes/database.mysqli.inc +++ b/includes/database.mysqli.inc @@ -205,6 +205,11 @@ function db_affected_rows() { * User-supplied arguments to the query should be passed in as separate parameters * so that they can be properly escaped to avoid SQL injection attacks. * + * Note that if you need to know how many results were returned, you should do + * a SELECT COUNT(*) on the temporary table afterwards. db_num_rows() and + * db_affected_rows() do not give consistent result across different database + * types in this case. + * * @param $query * A string containing an SQL query. * @param ... @@ -239,6 +244,50 @@ function db_query_range($query) { } /** + * Runs a SELECT query and stores its results in a temporary table. + * + * Use this as a substitute for db_query() when the results need to stored + * in a temporary table. Temporary tables exist for the duration of the page + * request. + * User-supplied arguments to the query should be passed in as separate parameters + * so that they can be properly escaped to avoid SQL injection attacks. + * + * Note that if you need to know how many results were returned, you should do + * a SELECT COUNT(*) on the temporary table afterwards. db_num_rows() and + * db_affected_rows() do not give consistent result across different database + * types. + * + * @param $query + * A string containing a normal SELECT SQL query. + * @param ... + * A variable number of arguments which are substituted into the query using + * printf() syntax. Instead of a variable number of query arguments, you may + * also pass a single array containing the query arguments. + * @param $table + * The name of the temporary table to select into. This name will not be + * prefixed as there is no risk of collision. + * @return + * A database query result resource, or FALSE if the query was not executed + * correctly. + */ +function db_query_temporary($query) { + $args = func_get_args(); + $tablename = array_pop($args); + + $query = preg_replace('/^SELECT/i', 'CREATE TEMPORARY TABLE '. $tablename .' SELECT', db_prefix_tables($query)); + if (count($args) > 1) { + // Check for array (alternative syntax). + if (is_array($args[1])) { + $args = array_merge(array($query), $args[1]); + } + $args = array_map('db_escape_string', $args); + $args[0] = $query; + $query = call_user_func_array('sprintf', $args); + } + return _db_query($query); +} + +/** * Returns a properly formatted Binary Large OBject value. * * @param $data |