Added 'update' shortcut function to SQL plugin.

pquery.sql.php

@@ -337,7 +337,7 @@ class pQuerySql extends pQuery implements pQueryExtension {
 	 * @returns pQuerySql The created query instance.
 	 */
 	static function select($table, $columns, $constraints=array(), $escape=true) {
-		return _sql('SELECT [columns] FROM `[table]` WHERE [constraints];')
+		return _sql("SELECT [columns] FROM `[table]` WHERE [constraints];")
 			->set_unescaped(array(
 				'columns' => self::parse_columns($columns),
 				'table' => $table,
@@ -345,6 +345,35 @@ class pQuerySql extends pQuery implements pQueryExtension {
 			));
 	}
 	
+	/**
+	 * Apply the given changes to all records in the given table that
+	 * match the constraints.
+	 * 
+	 * @param string $table The table to update in.
+	 * @param array $changes Column names pointing to their new values.
+	 * @param array $constraints Column names pointing to their values.
+	 * @param bool $escape Whether to escape the changed values and the
+	 *                     constraint values. Defaults to TRUE.
+	 * @returns pQuerySql The created query instance.
+	 */
+	static function update($table, $changes, $constraints=array(), $escape=true) {
+		// Parse changes
+		$escaped_changes = array();
+		
+		foreach( $changes as $column => $value ) {
+			$column = self::escape_column($column);
+			$value = self::escape_value($value);
+			$escaped_changes[] = "$column = $value";
+		}
+		
+		return _sql("UPDATE `[table]` SET [changes] WHERE [constraints];")
+			->set_unescaped(array(
+				'table' => $table,
+				'changes' => implode(", ", $escaped_changes),
+				'constraints' => self::parse_constraints($constraints, $escape)
+			));
+	}
+	
 	/**
 	 * Insert a record in the given table.
 	 * 
@@ -355,9 +384,9 @@ class pQuerySql extends pQuery implements pQueryExtension {
 	 */
 	static function insert_row($table, $values, $escape=true) {
 		$columns = array_keys($values);
-		$escape && array_walk($values, 'pQuerySql::escape');
+		$escape && $values = array_map('pQuerySql::escape', $values);
 		
-		return _sql('INSERT INTO `[table]`([columns]) VALUES([values]);')
+		return _sql("INSERT INTO `[table]`([columns]) VALUES([values]);")
 			->set_unescaped(array(
 				'table' => $table,
 				'columns' => "`".implode("`, `", $columns)."`",
@@ -374,7 +403,7 @@ class pQuerySql extends pQuery implements pQueryExtension {
 	 * @returns pQuerySql The created query instance.
 	 */
 	static function delete($table, $constraints, $escape=true) {
-		return _sql('DELETE FROM `[table]` WHERE [constraints];')
+		return _sql("DELETE FROM `[table]` WHERE [constraints];")
 			->set_unescaped(array(
 				'table' => $table,
 				'constraints' => self::parse_constraints($constraints, $escape)
@@ -441,6 +470,22 @@ class pQuerySql extends pQuery implements pQueryExtension {
 		return "`$column`";
 	}
 	
+	/**
+	 * Escape a value so that it can be saved safely.
+	 * 
+	 * @param string $value The value to escape.
+	 * @returns string The escaped value.
+	 */
+	static function escape_value($value) {
+		if( preg_match("/^'[^']*'$/", $value) ) {
+			// 'value' -> 'value'
+			return $value;
+		}
+		
+		// value -> 'value'
+		return "'$value'";
+	}
+	
 	/**
 	 * Parse a list of constraints.
 	 * 
@@ -468,11 +513,12 @@ class pQuerySql extends pQuery implements pQueryExtension {
 			$condition = "`$column` ";
 			
 			if( is_array($value) ) {
-				$escape && array_walk($value, 'pQuerySql::escape');
-				$condition .= "IN ('".implode("', '", $value)."')";
+				$escape && $value = array_map('pQuerySql::escape', $value);
+				$value = array_map('pQuerySql::escape_value', $value);
+				$condition .= "IN (".implode(", ", $value).")";
 			} else {
 				$escape && $value = self::escape($value);
-				$condition .= "= '$value'";
+				$condition .= "= ".self::escape_value($value);
 			}
 			
 			$conditions[] = $condition;

test/test_sql.php

@@ -69,14 +69,6 @@ class pQuerySqlTest extends UnitTestCase {
 		$this->assertEqual($sql->query, "1 2 3 4");
 	}
 	
-	function test_select_simple() {
-		self::set_login_data();
-		$sql = _sql("select bar from foo where id = 1");
-		$result = $sql->fetch('object');
-		$this->assertEqual($result->bar, 'test1');
-		$this->assertIdentical($sql->fetch(), false);
-	}
-	
 	function test_num_rows() {
 		self::set_login_data();
 		$sql = _sql("select bar from foo where id in (1, 2)");
@@ -144,6 +136,11 @@ class pQuerySqlTest extends UnitTestCase {
 		$this->assertEqual($sql->query, "SELECT * FROM `foo` WHERE `bar` = 'test1';");
 	}
 	
+	function test_update_query() {
+		$sql = __sql::update('foo', array('bar' => 'test4'), array('id' => 1), false);
+		$this->assertEqual($sql->query, "UPDATE `foo` SET `bar` = 'test4' WHERE `id` = '1';");
+	}
+	
 	function test_insert_query() {
 		$sql = __sql::insert_row('foo', array('bar' => 'test3'), false);
 		$this->assertEqual($sql->query, "INSERT INTO `foo`(`bar`) VALUES('test3');");
@@ -154,6 +151,29 @@ class pQuerySqlTest extends UnitTestCase {
 		$this->assertEqual($sql->query, "DELETE FROM `foo` WHERE `bar` = 'test3';");
 	}
 	
+	function test_select() {
+		self::set_login_data();
+		$sql = _sql("select bar from foo where id = 1");
+		$result = $sql->fetch('object');
+		$this->assertEqual($result->bar, 'test1');
+		$this->assertIdentical($sql->fetch(), false);
+	}
+	
+	function test_update() {
+		self::set_login_data();
+		$update = __sql::update('foo', array('bar' => 'test4'),
+			array('id' => 1), false)->execute();
+		
+		// Do not continue unless the value has been updated
+		if( !$this->assertIdentical($update->result, true) )
+			return false;
+		
+		// Chachge the updated record back to its original state
+		$update = __sql::update('foo', array('bar' => 'test1'),
+			array('id' => 1), false)->execute();
+		$this->assertIdentical($update->result, true);
+	}
+	
 	function test_insert_delete() {
 		self::set_login_data();
 		$insert = __sql::insert_row('foo', array('bar' => 'test3'))->execute();