+# call either of these ways:
+#
+# db_insert('people', 'name,company', 'jason', 'widgets ltd');
+# or
+# db_insert('people', 'name,company', array('jason', 'widgets ltd'));
+function db_insert($table, $columns, $values) {
+ if(!is_array($values)) {
+ $values = func_get_args();
+ $values = array_slice($values, 2);
+ }
+
+ db_insert_ish('INSERT', $table, $columns, $values);
+}
+# same as above, except uses the "replace" command instead of "insert"
+function db_replace($table, $columns, $values) {
+ if(!is_array($values)) {
+ $values = func_get_args();
+ $values = array_slice($values, 2);
+ }
+
+ db_insert_ish('REPLACE', $table, $columns, $values);
+}
+
+# return the value mysql made up for the auto_increment field (for the last insert)
+function db_auto_id() {
+ return mysql_insert_id($GLOBALS['wfpl_db_handle']);
+}
+
+
+# used to implement db_insert() and db_replace()
+function db_insert_ish($command, $table, $columns, $values) {
+
+ $sql = '';
+ foreach($values as $value) {
+ if($sql) $sql .= ',';
+ $sql .= '"' . enc_sql($value) . '"';
+ }
+
+ $sql = "$command INTO $table ($columns) values($sql)";
+
+ db_send_query($sql);
+}
+
+# to be consistant with the syntax of the other db functions, $values can be an
+# array, a single value, or multiple parameters.
+#
+# as usual the where clause stuff is optional, but it will ofcourse update the
+# whole table if you leave it off.
+#
+# examples:
+#
+# # name everybody Bruce
+# db_update('users', 'name', 'Bruce');
+#
+# # name user #6 Bruce
+# db_update('users', 'name', 'Bruce', 'where id=%i', 6);
+#
+# # update the whole bit for user #6
+# db_update('users', 'name,email,description', 'Bruce', 'bruce@example.com', 'is a cool guy', 'where id=%i', 6);
+#
+# # update the whole bit for user #6 (passing data as an array)
+# $data = array('Bruce', 'bruce@example.com', 'is a cool guy');
+# db_update('users', 'name,email,description', $data, 'where id=%i', 6);
+
+# The prototype is really something like this:
+# db_update(table, columns, values..., where(optional), where_args...(optional))
+function db_update($table, $columns, $values) {
+ $args = func_get_args();
+ $args = array_slice($args, 2);
+ $columns = explode(',', $columns);
+ $num_fields = count($columns);
+
+ if(is_array($values)) {
+ $args = array_slice($args, 1);
+ } else {
+ $values = array_slice($args, 0, $num_fields);
+ $args = array_slice($args, $num_fields);
+ }
+
+ $sql = '';
+ for($i = 0; $i < $num_fields; ++$i) {
+ if($sql != '') {
+ $sql .= ', ';
+ }
+ $sql .= $columns[$i] . ' = "' . enc_sql($values[$i]) . '"';
+ }
+
+
+ $sql = "UPDATE $table SET $sql";
+
+ # if there's any more arguments
+ if($args) {
+ $where = $args[0];
+ $args = array_slice($args, 1);
+
+ $sql .= ' ';
+ # any left for where claus arguments?
+ if($args) {
+ $sql .= _db_printf($where, $args);
+ } else {
+ $sql .= $where;
+ }
+
+ }
+
+ db_send_query($sql);
+}
+
+# pass args for printf-style where clause as usual
+function db_delete($table, $where = '') {
+ $sql = "DELETE FROM $table";
+ if($where) {
+ $sql .= ' ';
+ $args = func_get_args();
+ $args = array_slice($args, 2);
+ if($args) {
+ $sql .= _db_printf($where, $args);
+ } else {
+ $sql .= $where;
+ }
+ }
+
+ db_send_query($sql);
+}
+