Witam, mam nastepujacy problem. Mam klase obsługującą zapytania z bazy danych. Do tego napisałem własną klase, czyszcząca zapytanie z ataku sql injection. Nie mam pojęcia jak je polaczyc, by switch, wyswietlał mi informacje z bazy danych.

Oto klasa do obslugi bazy danych w pliku mysql.class.php

[PHP] pobierz, plaintext 
<?php
class sqlObject {
var $connection;
var $database;
var $query;
var $result = array();
var $records = array();
var $queries = 0;
var $lastId;
 
 
 function error() {
echo '<b>'.mysql_errno().'</b> : '.mysql_error().'<br>n';
} 
 
 function connect($host, $user, $password, $database, $persistent=FALSE) {
$this->connection = ($persistent==TRUE) ? mysql_pconnect($host, $user, $password) : mysql_connect($host, $user, $password);
if($this->connection && $database != "") {
$this->database = mysql_select_db($database, $this->connection);
if($this->database) {
return TRUE;
} else {
$this->error();
mysql_close($this->connection);
return FALSE;
}
} else {
$this->error();
return FALSE;
}
} 
 
 function close() {
if($this->connection) {
if($this->result) mysql_free_result($this->result);
mysql_close($this->connection);
unset($this->query);
unset($this->result);
unset($this->database);
unset($this->connection);
return TRUE;
} else $this->error();
} 
 
 function query($query) {
if($query!="" && $this->database) {
$this->query = $query;
if($this->result) mysql_free_result($this->result);
if($this->result = mysql_query($this->query, $this->connection)) {
$this->lastId = mysql_insert_id();
$this->queries++;
return $this->result;
} else {
$this->error();
}
} else $this->error();
} 
 
 function fetchArray($resultHandle=0) {
$this->result = ($resultHandle==0) ? $this->result : $resultHandle;
if($this->database && $this->result) {
$this->records = mysql_fetch_array($this->result, MYSQL_ASSOC);
if(is_array($this->records)) return $this->records;
else $this->error();
} else $this->error();
} 
 
 function fetchRow($resultHandle=0) {
$this->result = ($resultHandle==0) ? $this->result : $resultHandle;
if($this->database) {
$this->records = mysql_fetch_row($this->result, MYSQL_ASSOC);
if($this->records) return $this->records;
else $this->error();
} else $this->error();
} 
 
 
function numRows() {
if($numRows = mysql_num_rows($this->result)) return $numRows;
else $this->error();
} 
}
?>
[PHP] pobierz, plaintext 

Oto klasa wyswietlajaca zawartosc strony :

[PHP] pobierz, plaintext 
<?php
class wyswietlanie extends sqlObject{
    var $id;
    function __construct(){
    $this->zmienna = $id;
    $this->query;
    }
 
    function czysc($id){
    
    if (get_magic_quotes_gpc()) {
    $id = mysql_real_escape_string(stripslashes($id));
    }else{
    $id = mysql_real_escape_string($id);
    }
    return $id;
    }
 
    function zawartosc($id){
    switch($id){
    case 1:
    $this->query("SELECT * FROM test");
    echo $this->query['imie'];
    while($row = $this->fetchArray()) {
    echo $row['imie'].':'.$row['nazwisko'].'<br>';
    }
     break;
    case 2: echo '<br>dwojka'; break;
    default: echo '<br>default';
    }
    }
}
?>
[PHP] pobierz, plaintext 

a tak proboje to wywołac w pliku index:

[PHP] pobierz, plaintext 
<?php
include('mysql.class.php');
include('konfiguracja.php');
include('wyswietlanie.class.php');
$sql = new sqlObject;
$sql->connect($host_mysql, $login_mysql, $haslo_mysql, $baza_mysql);
$id = $_GET['id'];
if(isset($id)){
$obiekt = new wyswietlanie;
echo $obiekt->zawartosc($obiekt->czysc($id));
 
}else {echo 'dopisz do adresu zmienna get'; }
?>
[PHP] pobierz, plaintext 

Prosze o pomoc, by skrypt wyswietlal zawartosc bazy. bo jak narazie nie ma bledu, ale wyswietla takie cos :

ewentualnie jak zrobic to prostszym sposobem?