From 4ac2d6ac4e2491b133e40456574717b51207767f Mon Sep 17 00:00:00 2001
From: James <james@sourcefabric-DX4840.(none)>
Date: Wed, 5 Sep 2012 15:59:15 -0400
Subject: [PATCH] CC-4346: Prepared statements - part 2

- adding common function to prepare param to PDO statement and excute.
---
 airtime_mvc/application/common/Database.php | 24 +++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 airtime_mvc/application/common/Database.php

diff --git a/airtime_mvc/application/common/Database.php b/airtime_mvc/application/common/Database.php
new file mode 100644
index 000000000..0f15b204e
--- /dev/null
+++ b/airtime_mvc/application/common/Database.php
@@ -0,0 +1,24 @@
+<?php
+class Application_Common_Database{
+    public static function prepareAndExcute($sql, $paramValueMap, $type='all'){
+        $con = Propel::getConnection();
+        $stmt = $con->prepare($sql);
+        foreach ($paramValueMap as $param => $v) {
+            $stmt->bindValue($param, $v);
+        }
+        $rows = array();
+        if ($stmt->execute()) {
+            if ($type == 'single') {
+                $rows = $stmt->fetch(PDO::FETCH_ASSOC);
+            } else if ($type == 'column'){
+                $rows = $stmt->fetchColumn();
+            } else {
+                $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+            }
+        } else {
+            $msg = implode(',', $stmt->errorInfo());
+            throw new Exception("Error: $msg");
+        }
+        return $rows;
+    }
+}
\ No newline at end of file