🔒️ Use a PDO-based database layer

kernel/core.php

@@ -1,13 +1,13 @@
 <?php
 
-$controlquery = doquery("SELECT * FROM {{table}} WHERE id='1' LIMIT 1", "control");
-$controlrow = mysqli_fetch_array($controlquery);
-
+$db = new Database();
 $router = new Router();
 $renderer = new Renderer();
 $messages = new Messages();
 $postData = new PostData();
 
+$controlrow = $controlRepositories->get();
+
 // Application des différents namespace utilisés par le systeme
 $router->registerNamespace('admin', 2, false); 
 $router->registerNamespace('user', 1, false); 

kernel/database.php

@@ -0,0 +1,39 @@
+<?php
+
+class Database {
+    private $pdo;
+    private $numqueries = 0;
+    private $dbsettings;
+
+    public function __construct() {
+        include(PATH_ROOT.'config.php');
+        $this->dbsettings = $dbsettings;
+        $this->connect();
+    }
+
+    private function connect() {
+        $dsn = "mysql:host={$this->dbsettings['server']};dbname={$this->dbsettings['name']};charset=utf8";
+        try {
+            $this->pdo = new PDO($dsn, $this->dbsettings['user'], $this->dbsettings['pass']);
+            $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+        } catch (PDOException $e) {
+            die("Connection to databasse failed.");
+        }
+    }
+
+    public function doquery($table, $query, $params = []) {
+        $query = str_replace("{{table}}", $this->dbsettings["prefix"] . "_" . $table, $query);
+        $stmt = $this->pdo->prepare($query);
+        $stmt->execute($params);
+        $this->numqueries++;
+        return $stmt;
+    }
+
+    public function getNumQueries() {
+        return $this->numqueries;
+    }
+
+    public function getSecretWord() {
+        return $this->dbsettings["secretword"];
+    }
+}

kernel/init.php

@@ -31,6 +31,7 @@ if (DEBUG_MODE) {
 
 // Defined folders
 define('PATH_HELPERS', PATH_KERNEL . 'helpers' . DS);
+define('PATH_REPOSITORIES', PATH_KERNEL . 'repositories' . DS);
 
 require(PATH_HELPERS . 'validators.php');
 
@@ -41,9 +42,16 @@ require(PATH_KERNEL . 'namespace.php');
 require(PATH_KERNEL . 'router.php');
 require(PATH_KERNEL . 'messages.php');
 require(PATH_KERNEL . 'postdata.php');
+require(PATH_KERNEL . 'database.php');
+
+require(PATH_REPOSITORIES . 'base.php');
+require(PATH_REPOSITORIES . 'control.php');
 
 
 $starttime = getmicrotime();
 $numqueries = 0;
 
-$link = opendb();
+$link = opendb();
+
+// Repositories
+$controlRepositories = new ControlRepository();

kernel/repositories/base.php

@@ -0,0 +1,32 @@
+<?php
+
+class Repository {
+    private $table;
+
+    public function __construct($table) {
+        $this->table = $table;
+    }
+
+    public function getById($id) {
+        return $this->fetchOne("SELECT * FROM {{table}} WHERE id = :id", ['id' => $id]);
+    }
+
+    public function getAll() {
+        return $this->fetchAll("SELECT * FROM {{table}}");
+    }
+
+    protected function doquery($query, $params = []) {
+        global $db;
+        return $db->doquery($this->table, $query, $params);
+    }
+
+    protected function fetchOne($query, $params) {
+        $stmt = $this->doquery($query, $params);
+        return $stmt->fetch(PDO::FETCH_ASSOC);
+    }
+
+    protected function fetchAll($query, $params) {
+        $stmt = $this->doquery($query, $params);
+        return $stmt->fetchAll(PDO::FETCH_ASSOC);
+    }
+}

kernel/repositories/control.php

@@ -0,0 +1,15 @@
+<?php
+
+/**
+ * Repository pour la table principale du site, qui contient
+ * les informations "systèmes" du jeu.
+ */
+class ControlRepository extends Repository {
+    public function __construct() {
+        parent::__construct('control');
+    }
+
+    public function get() {
+        return $this->getById(1);
+    }
+}